記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：IJNC編集委員会  

In this paper, the authors focus on and propose an approach to attack a kind of pairing-friendly curves, the Barreto-Naehring (BN) curve, to accelerate the evaluation of the security level concerning the elliptic curve discrete logarithm problem (ECDLP). More precisely, this paper targets the BN curve, which is known to be a pairing-friendly curve, and Pollard's rho method based on the random-walk is adopted to attack the curve.Though Pollard's rho method with skew Frobenius mapping is known to solve the ECDLP efficiently, this approach sometimes induces the unsolvable cycle, called the fruitless cycle, and such trials must restart with a different starting point. However, any effective method to eliminate such fruitless cycles has not been proposed. Therefore, the authors focus and give the sophisticated analysis to propose an effective approach to eliminate such cycles to optimize Pollard's rho method furthermore. In addition, we confirm the effectiveness of the method by applying it to a BN curve with 12, 17, and 33-bit parameters.

DOI： 10.15803/ijnc.11.2_231

CiNii Article

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ijnc/ijnc11.html#MiuraKMKKN21

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

DOI： 10.1109/ICCE-TW52618.2021.9602941

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/icce-tw/icce-tw2021.html#HattoriTTNKN21

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

DOI： 10.1109/ICCE-TW52618.2021.9602954

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/icce-tw/icce-tw2021.html#EguchiMUAN21

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

DOI： 10.1109/ICCE-TW52618.2021.9603240

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/icce-tw/icce-tw2021.html#YoshimotoKKN21

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

DOI： 10.1109/ICCE-TW52618.2021.9603017

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/icce-tw/icce-tw2021.html#NasuKN21

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

DOI： 10.1109/ICCE-TW52618.2021.9603146

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/icce-tw/icce-tw2021.html#MiyamotoFHYKKN21

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

DOI： 10.1109/ICCE-TW52618.2021.9602917

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/icce-tw/icce-tw2021.html#TakahashiMAUN21

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

DOI： 10.1109/ICCE-TW52618.2021.9603232

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/icce-tw/icce-tw2021.html#SatoKKN21

掲載種別：論文集(書籍)内論文   出版者・発行元：De Gruyter  

DOI： 10.1515/9783110621730-006

researchmap

その他リンク： https://www.degruyter.com/document/doi/10.1515/9783110621730-006/xml

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In this study, a new MAC based on OMAC is implemented in Arduino Uno. In addition, a function to update the common key based on pseudo-random numbers is additionally implemented. A re-verification function of the MAC value on the receiving ECU is also implemented. Similarly, these features have been implemented for the Raspberry Pi. Communication with Arduino is possible. The time taken to calculate the MAC and the time required to update the key are measured for the Arduino and Raspberry Pi, respectively. As a result, both of the OMAC processing time and the key update time in both of the microcomputers satisfied a time constraints.

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Bilinear pairings are widely used for innovative protocols such as ID-based encryption and group signature authentication. According to the current research of the pairings, not only families of pairing-friendly elliptic curves with embedding degrees of multiple of four or six but also that of multiple of three can realize efficient pairings. However, the range of the practical choices of the elliptic curves with embedding degrees of multiple of three is more restricted than that of even embedding degrees by an efficiency reason for the computation of Miller's algorithm with a signed binary representation of a loop parameter. To ease the restriction, the authors propose to compute the Miller's algorithm by swapping the sign of the loop parameter without performance degradation for the ate pairing on such the elliptic curves.

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Bilinear pairings are widely used for innovative protocols such as ID-based encryption and group signature authentication. According to the current research of the pairings, not only families of pairing-friendly elliptic curves with embedding degrees of multiple of four or six but also that of multiple of three are attractive choices for practical pairings. However, the pairings on such the elliptic curves cannot benefit from an efficient performing squaring available in a cyclotomic subgroup which plays an important role in fast final exponentiation. As one of the candidates of replacements of the squaring, the authors consider an efficient performing cubing available in the cyclotomic subgroup.

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Controller Area Network (CAN) is widely employed as an in-vehicle network, and is required for extremely high reliability. CAN uses five mechanisms to detect errors caused by channel noises in CAN frames. However, an adversary can reportedly falsify a CAN frame by tampering with sample points in the frame. In this paper, the effectiveness of a new falsification method that does not require sample point tampering is proposed. In the method, transient electromagnetic pulses are injected into a CAN bus by magnetic coupling that enables falsification at the target CAN node without error detection. The proposed method was examined on a CAN bus which consists of two CAN nodes. As a result, the new falsification method was effective for CAN.

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Pairing-based cryptography has received much attention as an encryption method for realizing advanced cryptography such as ID-based encryption and searchable encryption. In a pairing-friendly elliptic curve of embedding degree 10, calculation cost of multiplication and squaring on extension fields of degree 5 are related to efficiency of pairing. Therefore, it is necessary to select an efficient multiplication and squaring algorithms on the extension field of degree 5. To apply these algorithms, the authors implement a pairing on an elliptic curve of embedding degree 10 with type-II all-one polynomial extension field (AOPF) of degree of 5 and optimal extension field (OEF) of degree of 5. As a result, the computational complexity of pairing with the expanded AOPF of degree 5 are almost 7.4% efficient than that of the expanded OEF of degree 5.

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

As the computer architecture technology evolves, communication protocols have been demanded not only having reliable security but also flexible functionality. Advanced cryptography has been expected as a new generation cryptography which suffices such the requirements. A pairing is one of the key technologies of the cryptography and the pairing has been known as having a substantial amount of construction parameters. Recently, the elliptic curve with embedding degree 14 is evaluated as one of the efficient curves for pairing. In the paper, we implement an optimal ate pairing on the elliptic curve by applying several variants of multiplication algorithms of extension field of degree 7 on multiple devices. The best multiplication algorithm among the candidates is derived. Besides, for efficient calculations, we propose a pseudo 7-sparse algorithm and a fast calculation method of final exponentiation. As a result, we discover the proper multiplication algorithm bases on the rate of addition and multiplications on several different computer platforms. Our proposed pseudo 7-sparse algorithm is approximately 1.54% faster than a regular algorithm on almost all tested platforms. Eventually, for the total execution time of pairing we record 9.33ms on Corei5-9500.

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：TAYLOR & FRANCIS INC  

One of the most preferred encryption techniques for data sharing in cloud environment is Ciphertext-Policy Attribute Based Encryption (CP-ABE). An efficient File Hierarchy CP-ABE (FH-CP-ABE) scheme using an integrated access structure was proposed by Wang and colleagues. Their working construction was based on symmetric pairing. In this article, we propose an efficient Asymmetric File Hierarchy Ciphertext-Policy Attribute Based Encryption (AFH-CP-ABE) which is based on an asymmetric pairing construction using denominator elimination and twist mapping. We apply this optimized Tate pairing in the proposed AFH-CP-ABE to find out its computational costs for encryption and decryption using gmp 6.0.0 library and then compared with existing schemes.

DOI： 10.1080/19361610.2019.1649534

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：TAYLOR & FRANCIS INC  

Secured information transmission is one of the critical challenges in Wireless Body Area Networks (WBAN). The main motivation of this paper is secure transmission of highly sensitive patient information with reduced computation cost and storage requirements. In this paper, we integrate Ciphertext-Policy Attribute Based Encryption (CPABE) with Constant Size Ciphertext (CPABE-CSC) and Blowfish algorithm for secure transmission of sensitive patient information. The experimental results show the efficiency of the proposed scheme in terms of computation cost and ciphertext size when compared with existing schemes.

DOI： 10.1080/19361610.2019.1669987

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：IJNC編集委員会  

It is well-known that quadratic extension fields (QEFs) based on optimal extension fields (OEFs) are typically used for supersingular isogeny Diffie-Hellman (SIDH) key exchange protocol. On the other hand, there is a possibility of the performance improvement of SIDH by employing other attractive choices of QEFs with efficient performing arithmetics which are based on all-one polynomial extension fields (AOPFs) and extension fields with normal basis representation (EFNs). Thus, the authors confirm that the applicability of the new candidates of QEFs for SIDH and evaluate SIDH applied the possible choices of QEFs. As a result of the experiment, the authors found that the performances of SIDH applied the QEFs based on AOPF and EFN are comparable to that of the previous QEF. Moreover, one of the QEFs based on EFN result in a new efficient implementation of the SIDH with SIDH-friendly prime given as p= 2^{e_A}3^{e_B}f+1 where e_A, e_B and $f$ are positive integers.

DOI： 10.15803/ijnc.10.2_227

CiNii Article

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ijnc/ijnc10.html#NanjoSKN20

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：一般社団法人 電子情報通信学会  

<p>A quadratic extension field (QEF) defined by F₁ = F_p[α]/(α²+1) is typically used for a supersingular isogeny Diffie-Hellman (SIDH). However, there exist other attractive QEFs F_i that result in a competitive or rather efficient performing the SIDH comparing with that of F₁. To exploit these QEFs without a time-consuming computation of the initial setting, the authors propose to convert existing parameter sets defined over F₁ to F_i by using an isomorphic map F₁ → F_i.</p>

DOI： 10.1587/transfun.2020TAL0002

Web of Science

Scopus

CiNii Article

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ieiceta/ieiceta103.html#NanjoSKN20

掲載種別：研究論文（学術雑誌）   出版者・発行元：IJNC Editorial Committee  

DOI： 10.15803/ijnc.10.2_144

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：SPRINGER INTERNATIONAL PUBLISHING AG  

The existence of equivalent keys for a secret key is an inseparable topic in cryptography. Especially for pseudorandom number generators for cryptographic applications, equivalent keys are not only a specific pair of keys that generate the same sequence but includes the one that gives simply the phase-shifted sequence. In this paper, the authors especially focus on a kind of nonlinear filter generator (NLFG) defined by using a power residue calculation over an odd characteristic. Generally speaking, an evaluation of NLFGs has conducted by the randomness of the sequence itself and the security of keys. Though the previous evaluations of the randomness of the target NLFG are studied and proven theoretically, the security aspects as a cryptosystem still have not discussed. Therefore, this paper would like to begin a new security evaluation by focusing on the existence of equivalent keys for the NLFG. As a result, the authors first show that sequences generated by the NLFG are classified into several types of sequences depending on the choice of a certain parameter. Owing to this, it is found that there exist equivalent keys concerning the parameter corresponding to the above. At the same time, we show that the equivalent keys are possible to eliminate by giving the restriction on the corresponding parameter adequately.

DOI： 10.1007/978-3-030-58208-1_2

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/iwsec/iwsec2020.html#KoderaTKNU20

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In recent years, some lightweight cipher algorithms for IoT devices have been proposed. These algorithms can be applied to a variety of IoT devices without occupying too much memory and power consumption, and compared to traditional ciphers, such as AES, these algorithms have higher efficiency. The Speck algorithm is a lightweight block cipher, proposed by the NSA in June 2013, and it is specifically optimized for IoT microcontrollers. A few previous studies have shown that the Speck algorithm can be attacked through power analysis. Based on Arduino Uno as the implementation platform of the Speck 128/128 algorithm, in this paper, we propose a method to attack the Speck 128/128 algorithm. Our experiment results have shown that when the attack point in the last round of Speck 128/128 XOR operation, the round key can be successfully recovered by the Correlation Power Analysis attack.

DOI： 10.1109/CANDARW51189.2020.00076

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2020w.html#TangIKN20

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Pairings are widely used for innovative protocols such as ID-based encryption and group signature authentication. According to the recent works, the Barreto-Lynn-Scott (BLS) family of pairing-friendly elliptic curves are suggested for the pairings at the various security levels. The BLS family has specific polynomial parameters in terms of an integer x0 for generating the pairing-friendly elliptic curves with various embedding degrees k, which are called BLS curves. The important fact is that one can find congruence classes of x0 which give rise to the BLS curves having a benefit of an efficient performing field arithmetics. However, except for the BLS curves with k = 24, such the practical usable congruence classes of x0 have not been provided at this time. In this manuscript, the authors provide the specific congruence classes generating the practical subfamilies of the BLS curves with k = 2i • 3 and 3j with arbitrary positive integers i and j.

DOI： 10.1109/CANDARW51189.2020.00073

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2020w.html#NanjoSKN20

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Pseudo random binary sequences have been widely used in cryptographic applications due to their speedy construction, reproducibility and characteristics like true random sequence. Realization of modern cryptographic application and mathematical tools is inconceivable without random sequences. Previously, we proposed an alternative trace map function for generation of a pseudo random binary sequence that has long period, good correlation characteristics and high linear complexity that are attractive for security applications. However, it was found that the distribution of bits in sequence is not uniform which may lead to failure in randomness. In this paper, we propose a uniformization method using power of primitive root to improve uniformity of bit distribution in the sequence. Sequence of different lengths is generated using proposed sequence to verify the efficiency of the proposed uniformization method. By analyzing the bit distribution of generated sequences for different length of patterns, we show that the proposal achieves bit uniformity while maintaining randomness of the sequence.

DOI： 10.1109/CANDARW51189.2020.00066

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2020w.html#AkhterTNKF20

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Pollard’s rho method is one of the most efficient methods for solving elliptic curve discrete logarithm problem (ECDLP) in elliptic curve cryptography. Pollard’s rho method with skew Frobenius mapping can solve ECDLP over a Barreto-Naehrig (BN) curve efficiently. Pollard’s rho method may result in an unsolvable cycle called a fruitless cycle. When a random walk pass results in a fruitless cycle, the random walk pass must restart with a different starting point. However, an effective method for eliminating the fruitless cycle has been not proposed yet. This paper proposes a method for eliminating the fruitless cycle in Pollard’s rho method with skew Frobenius mapping. In addition, the authors apply the proposed method to a BN curve with 17-bit parameters and confirm the effectiveness.

DOI： 10.1109/CANDAR51075.2020.00029

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2020.html#MiuraMKN20

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

We have been studying a design of the pseudo-random number generator by generated sequences with the logistic map over integers. Although it has already been presented that such properties of the generation sequences are good, the range of control parameters that satisfy the properties is not enough wide. To improve this problem, Wang et al. proposed the piecewise logistic map. It is method for increasing the range of control parameters that can generate good sequences for the pseudorandom number generator. However, it is not suitable for computer implementation, because it is defined over real numbers. In this paper, we will propose a piecewise logistic map over integers that uses an integer arithmetic and computers can calculate the map correctly. We will also show some results of numerical experiments for the sequences generated from this map.

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/conf/isita/2020

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In this paper, the authors propose an algorithm to generate a sequence of bits in parallel to enhance the generating performance of the Blum-Micali method which is for constructing a pseudorandom number generator. More precisely, since the classical definition needs to refer the previous state to generate the next bit, we modify the generation steps in an alternative way by introducing the feature of the Gauss periods. It gives us a unique representation of elements as if a primitive element generates those elements as the powers and this mechanism realizes the parallel algorithm. As a result, the generator achieves to mimic the main concept of the Blum-Micali method in parallel and it is thought to be secure if the discrete logarithm problem is hard to solve.

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/conf/isita/2020

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

We show some properties of binary sequences located in Hadamard matrices of order 2〈n〉 represented by Sylvester's matrices. The Kronecker product is a method for expanding Hadamard matrix, and a set of sequences with orthogonal properties is extended by concatenation or interleaving. From these expanding methods and properties related to constructions, we discuss the increase of the set of orthogonal sequences. Finally, we show the characteristic polynomials of binary sequences located in Hadamard matrices of order 2〈n〉.

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/conf/isita/2020

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

DOI： 10.1109/CANDARW.2019.00074

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2019w.html#TaketaKTKNTU19

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In recent years, pairing encryption is receiving a lot of attention since it enables many innovative and multi-functional cryptographic applications based on pairing e.g. searchable encryption, broadcast encryption and so on. Pairing is a map from two additive rational point groups mathbb{G}{1}, mathrm{G}{2} to a multiplicative group mathbb{G}{3}, however, it requires complexity computation. Therefore, the author tries to develop a 128-bit security level pairing library ELiPS (Efficient Library for Pairing Systems) that incorporates various high-speed methods using BLS curves. As a result, scalar multiplications on mathbb{G}{1} and mathbb{G}{2}, exponentiation on mathbb{G}{3}, and optimal-ate pairing can be computed in 0.42[ms], 0.79[ms], 1.13[ms], and 3.12[ms], respectively.

DOI： 10.1109/ITC-CSCC.2019.8793376

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In recent years, the number of companies are adopting cloud computing service for outsourcing is increasing. On the other hand, there are threats that are like falsification or leakage to data to be kept secret. Therefore, the technologies for managing encrypted data are the attractive topics in the cryptographic field. Among them, functional encryption which is constructed with pairing-based cryptography is closing to the practical stage because pairing operation is getting faster by the recent study of pairing. In addition, there are some pairing libraries which allow a user to introduce the pairing-based cryptography to their system. Nevertheless, they have some differences in several operations. In this paper, we reconstruct pairing-based homomorphic encryption by focusing on features of libraries and examine the performance evaluations of them.

DOI： 10.1109/ITC-CSCC.2019.8793446

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In recent years, CAN is spread widely as the in-vehicle network. However, CAN protocol does not guarantee the security for traffics against falsification and spoofing. Therefore, the MAC is required for CAN so as to communicate exactly. MAC is the countermeasure for falsification and spoofing using the secret key. The problem is a method of delivering the secret key securely. This paper proposes a method to update the secret key using broadcast encryption over a non-supersingular elliptic curve. The method is implemented on Raspberry Pi and experimentally find out to be able to update the secret key efficiently.

DOI： 10.1109/ITC-CSCC.2019.8793298

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

This paper focuses on the computational security of elliptic curve discrete logarithm (ECDLP), which can evaluate by an actual attack. The authors apply Pollard's rho method to a Barreto-Naehrig curve with minimum parameters for solving an ECDLP. An analysis of the structure for all combinations of a select of seed and starting points are given. Then, we propose the method for selecting a set of efficient seed points for a random walk for the rho method.

DOI： 10.1109/ITC-CSCC.2019.8793449

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Block Turbo Decodings (BTDs) with Soft-In Soft-Out (SISO) decodings for two dimensional product codes of linear codes can achieve good error performance, however, large computational complexity of the BTDs can be a problem. Therefore, to reduce the computational complexity, quantization methods can be employed for the BTDs by sacrificing the error performance. In this paper, a study on design for low level quantizers for the BTD with S1SO Ordered Statistics Decoding for product codes of binary linear code is shown. From simulation results for a 4-level quantizer, the authors propose a new 5-level quantizer. The proposed 5-level quantizer achieves better error performance than 4-level quantizer.

DOI： 10.1109/ITC-CSCC.2019.8793409

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Random sequences play important roles in many security applications. Several security protocols have been developed based on random sequences. Hence, their generation is one of the topic of interests among many cryptographic researchers. Previously, the authors proposed a pseudo random sequence over odd characteristic field which is generated by applying primitive polynomial, trace function and Mobius function. Some important properties such as period, autocorrelation and cross-correlation have been presented in previous work. Randomness is generally measured by statistical tests and NIST Statistical Test Suite (NIST STS) is one of the most popular tools for randomness analysis. In this work, the randomness of the generated sequence is investigated by NIST STS.

DOI： 10.1109/ICCE-TW46550.2019.8992033

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

A pseudorandom sequence has an inseparable role in various types of security applications. Especially, the linear complexity of a sequence is a measure of the randomness that should be large for secureness of a system. This paper considers the boundary of linear complexity of a geometric sequence called NTU sequence which is generated with a uniformization technique.

DOI： 10.1109/ICCE-TW46550.2019.8992029

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Pseudorandom sequences of having a uniform distribution of bit patterns and high linear complexity play a key role in many security applications. However, only a few pseudorandom sequence possesses both of these vital features. In this paper, the authors propose and evaluate a geometric sequence that has a uniform distribution and high linear complexity.

DOI： 10.1109/ICCE-TW46550.2019.8991711

Web of Science

Scopus

researchmap

掲載種別：研究論文（国際会議プロシーディングス）  

© 2018 IEICE. In this research, the choice of the parameter of the Montgomery trick in Pollard's Rho method to solve the elliptic curve discrete logarithm problem for Barreto-Naehrig (BN) curves is shown. The average number of generated rational points per unit time is chosen as a measure of the effectiveness of the choice of the parameter of the Montgomery trick. The results are derived from a sufficient number of experiments with several BN curves.

DOI： 10.23919/ISITA.2018.8664242

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

© 2018 IEICE. In this research, the choice of the parameter for a method to generate distinguished rational points in Pollard's Rho method to solve the elliptic curve discrete logarithm problem for Barreto-Naehrig (BN) curves is shown. The structures of random walk paths are confirmed by experiments for several BN curves. From the results, the authors clarify the conditions in which the Rho method does not stop during an attack, and the authors also show an indication for the choice of the parameter for the method to generate distinguished points with large bits of ECDLP.

DOI： 10.23919/ISITA.2018.8664405

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/isita/isita2018.html#IkutaJKKKN18a

掲載種別：研究論文（学術雑誌）  

The authors developed a practicum in the cryptographic technology, an indispensable technology to guar- A ntee information security in the upcoming IoT era. The practicum is composed of a lecture in a part of algebra and discrete mathematics that founds modern cryptography, hardware implementation of crypto-graphic algorithms, and the side-channel attack on cryptographic hardware. It aimed not only that students learned textbook knowledge of cryptographic algorithms but also they developed their knowledge of imple-menting cryptographic algorithms considering the threat of the side-channel attack through their experience implementing the algorithms on a commercial hardware and attacking them. The practicum was offered to the third- A nd fourth-year students, and most of them achieved the required goal of the practicum. They also realized improving their practical skills in the cryptographic technology according to their responses to the questionnaire.

DOI： 10.11309/jssst.36.30

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In this paper, we give some important characteristics of Knuth's quadratic congruential sequences with a particular modulus as a pseudorandom number generator. For modulus m = 2W p where p is an odd prime, we derive some periodic relations of the sequence by using analysis results shown by Iwasaki and Umeno for their one-stroke polynomial. Accordingly, we have theoretical analysis for randomness of these sequences and evaluate pseudorandom number outputs by these sequences by the NIST statistical tests.

DOI： 10.1109/IWSDA46143.2019.8966096

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/iwsda/iwsda2019.html#MiyazakiAKUN19

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE COMPUTER SOC  

Curve25519 has been used in various security protocols for its efficiency and rapidity. However, Curve25519 is known to have rational points whose orders are 2, 4, and 8. In this research, the authors focus on rational points of order 4 and demonstrate a side-channel attack (SCA) against a scalar multiplication algorithm for Curve25519. It purposes to compare two scalar multiplication algorithms in terms of the difficulty of estimating a secret key via the SCA, where the algorithms are differentiated whether it uses a conditional swap function or not. Furthermore, we examine to attack an open-source library for Arduino UNO which includes the scalar multiplication algorithm using a conditional swap function in practice. Since this library takes a countermeasure against the SCA during key exchange, we can use this secure library as a protocol tool. However, there is a threat when we implement a scalar multiplication by using some functions in this library without considering the SCA.

DOI： 10.1109/CANDAR.2019.00040

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2019.html#YoshimotoUKKN19

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE COMPUTER SOC  

Among the increasing evolution of IoT devices, practical applications need reliable secure protocols to communicate with each other. A major issue for modern cryptosystems is an implementation of secure and trustworthy mechanisms to rely on. A side-channel attack against these cryptosystems may overturn the guarantee of security against conventional cyber-attacks. Elliptic curve cryptography is public-key cryptography based on elliptic curves, and one of the well-known curves is Curve25519 which is used for TLS protocols as a recommended curve. This curve is mainly implemented on limited resource devices such as microcontrollers. However, this curve poses a weakness for low-order points during a Diffie-Hellman key exchange is employed. This research demonstrates possible exploitation of a threat of order 8 rational points of Curve25519 and shows results of the side-channel attacks using order 8 rational points on an embedded system. The results indicate the order 8 rational points might be applied to key extraction as attacker sides.

DOI： 10.1109/CANDAR.2019.00037

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2019.html#UetakeYKWKN19

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE COMPUTER SOC  

It is well-known that the class of binomial extension fields is widely used to construct quadratic extension fields (QEFs) of supersingular isogeny Diffie-Hellman (SIDH) key exchange protocol. There is a possibility to improve the performance of SIDH by employing other classes of QEFs, i.e., extension fields with normal basis and all-one polynomial extension fields, without sacrificing the range of primes. In this paper, the authors confirm that the applicability of the other classes for SIDH and evaluate the computational complexity of the large-degree isogenies required for SIDH. The results of the experiments show that the performances with the classes are comparable to the QEF with a binomial x2+1.

DOI： 10.1109/CANDAR.2019.00030

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2019.html#NanjoSKN19

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In this paper, we focus on binary sequences obtained from piecewise logistic map over integers, and show the relation between the Lyapunov exponents of the maps and results of the NIST tests for the sequences. When the Lyapunov exponent is a negative value, we confirm that the branch diagram is sparse and the bit occurrence rate is also greatly biased. We also give a sample of that the positive/negative signs of the Lyapunov exponents mostly coincide on the evaluations of the NIST tests. From the branching diagram of the piecewise logistic map, we can moreover find that there are many good pseudorandom sequences generated by the individual control parameters of the map.

DOI： 10.1109/IWSDA46143.2019.8966109

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/iwsda/iwsda2019.html#EguchiMAUN19

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE COMPUTER SOC  

Block Turbo Decodings (BTDs) with Soft-In SoftOut (SISO) decodings for two-dimensional product codes of linear codes can achieve good error performance. However, since large computational complexity of the BTDs can be a problem, a method which can reduce average computational complexity is needed. In this research, the authors focus on an early termination condition as the method for the reduction on the computational complexity. From the tendency of the output of SISO ordered statistics decoding, a condition is proposed. Based on simulation results for the two-dimensional product code of the (32,26,4) Reed-Muller code, analysis on a parameter of the condition are given. The results show that the computational complexity can be reduced to more than one fourth at the SN ratios higher than 7[dB] of Eb/No without degradation on error performance by choosing an appropriate parameter.

DOI： 10.1109/CANDARW.2019.00080

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2019w.html#KageyamaINKKN19

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE COMPUTER SOC  

In this paper, we propose a new pseudo random binary sequence generated from a primitive polynomial over an extension field. The sequence has maximum period and high linear complexity suitable for security applications. While generation, a new mapping function is proposed which is faster than conventional trace map and translates extension field elements to prime field elements. The output of mapping function is a p-ary sequence with elements 0~ (p-1) that is balanced in pattern distribution and has ideal autocorrelation. Then, a binarization method is utilized to derive binary sequence from p-ary sequence. Period, autocorrelation, linear complexity and computation time of the proposed sequence are studied and experimental results are presented. Finally, the efficiency of the proposal is verified by comparing with existing sequences in terms of period, linear complexity and generation time for sequences of different length.

DOI： 10.1109/CANDARW.2019.00076

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2019w.html#AkhterNKTT19

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Research and development of automatic driving technology has been actively conducted in recent years. Under this background, it is considered that the car parking problem is expected to be developed for supporting drivers to complete automatic parking. Many parking lots in an urban area prepare parking spaces with asphalt road surface drawn by white paint. Research to recognize parking spaces using camera images has been conducted so far. However, camera images are known to be not robust to environmental conditions such as nighttime and a backlight. Therefore, a method of recognizing parking spaces is proposed so that it can be used even when the use time is day or night, irrespective of whether the road surface is dry or wet. In the proposed method, the road surface is classified using the statistical model of the received light intensity value of laser range scanner. Then, the target parking position is estimated by Hough transformation.

DOI： 10.1109/SII.2019.8700344

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/sii/sii2019.html#KamiyamaMOWN19

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE COMPUTER SOC  

This paper discusses the conditions of fruitless cycles for Pollard's rho method with skew Frobenius mapping for elliptic curve discrete logarithm problem (ECDLP) over a Barreto-Naehrig (BN) curve. When a random walk pass achieves a fruitless cycle, the random walk pass must restart with a different starting point. There can be several methods to eliminate fruitless cycles of short lengths for BN curves based on the construction of a random walk table. Therefore, in this research, the authors give an analysis of the previous methods for a BN curve of order 349 with the mapping with experiments. The results show that several fruitless cycles of length two and three cannot be eliminated by the previous methods. The authors investigated the reason for degradation. As a result of the analysis, a new condition where a part of the fruitless cycles of any lengths occur is derived, and a new method to eliminate the fruitless cycles is proposed.

DOI： 10.1109/CANDARW.2019.00068

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2019w.html#MiuraMIJKN19

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE COMPUTER SOC  

The increment of opportunities for using machine learning (ML) technologies has brought a new threat to cryptosystems. As a remarkable example, the ML technologies have gradually been employed in the side-channel attack (SCA) to obtain sensitive information. In this paper, the authors focus on the structure of a masked S-Box in AES, which aims to equip the SCA resistance even for the attacks using the ML technologies. More precisely, this paper analyzes the mathematical structure of the inverse operation over F(24)2 which is an isomorphic field for obtaining efficient arithmetic for the AES, so that all functions in the encryption scheme can handle masked data as it is. The mathematical structure is realized by introducing several mathematical tools such as the Gauss periods and the Itoh-Tsujii inversion algorithm, and as a result, we clarified the factors of the coefficients of A-1 for an element A F(24)2. It enables us to generate the corresponding element directly, which allows canceling the mask even after processing the SubBytes.

DOI： 10.1109/CANDAR.2019.00027

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2019.html#KoderaTKN19

掲載種別：論文集(書籍)内論文   出版者・発行元：Springer International Publishing  

This paper considers a new construction of a keyword search including partial matching on an encrypted document. Typically, an index-based searchable symmetric encryption has been investigated. However, it makes a partial keyword matching difficult without a designated trapdoor. Thus, our objective is to propose a keyword search scheme which enables us to search a part of a keyword only by building trapdoors of each original keyword. The main idea is to insulate each character of a keyword into a bitstream of the sequence generated by a pseudorandom number generator. It achieves a partial search by giving a restriction on the length of a keyword.

DOI： 10.1007/978-3-030-17982-3_19

Scopus

researchmap

掲載種別：研究論文（学術雑誌）   出版者・発行元：ASTES Journal  

The distribution of bit patterns is an important measure to check the randomness of a sequence. The authors of this paper observed this crucial property in a binary sequence which generated by using a primitive polynomial, trace function, and Legendre symbol defined over the sub extension field. The authors create a new dimension in the sequence generation research area by considering the sub extension field, whereas all our previous works are focused in the prime field. In terms of distribution of bit patterns property, this research work has notable outcomes more specifically the binary sequence (defined over the sub extension field) holds much better (close to uniform) bit distribution than the previous binary sequence (defined over the prime field). Furthermore, the authors theoretically proved the distribution of bit property in this paper.

DOI： 10.25046/aj040246

Scopus

researchmap

掲載種別：研究論文（国際会議プロシーディングス）  

© Springer Nature Switzerland AG 2019. This paper proposes two attractive classes of Barreto-Naehrig curve for ate-based pairing by imposing certain condition χ ≡ 7, 11 (mod 12) on the integer χ that parameterizes the curve settings. The restriction results in an unparalleled way to determine a BN curve, its twisted curve coefficients, and obvious generator points. The proposed χ ≡ 11 (mod 12) are found to be more efficient than χ ≡ 7 (mod 12) together with pseudo 8-sparse multiplication in Miller's algorithm. The authors also provide comparative implementations for the proposal.

DOI： 10.1007/978-3-030-17982-3_5

Scopus

researchmap

掲載種別：研究論文（学術雑誌）  

The authors propose a well balanced multi-value sequence (including a binary sequence). All the sequence coefficients (except the zero) appear almost the same in number, thus, the proposed sequence is so called the well balanced sequence. This paper experimentally describes some prominent features regarding a sequence, for instance, its period, autocorrelation, and cross-correlation. The value of the autocorrelation and cross-correlation can be explicitly given by the authors formulated theorems. In addition, to ensure the usability of the proposed multi-value sequence, the authors introduce its flexibility by making it a binary sequence. Furthermore, this paper also introduces a comparison in terms of the linear complexity and distribution of bit patterns properties with their previous works. According to the comparison results, the proposed sequence holds better properties compared to our previous sequence.

DOI： 10.25046/aj040423

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

© 2018 IEEE. Pairing-based protocols are getting popular in many cryptographic applications. Pairing algorithms involve computations on elements in all three pairing groups, G 1 , G 2 and G 3 ; however, most protocols usually require additional scalar multiplication and exponentiation in any of these three groups. The Gallant-Lambert-Vanstone (GLV) method is an elegant technique to accelerate the scalar multiplication which can reduce the number of elliptic curve doubling by using Straus-Shamir simultaneous multi-scalar multiplication technique. However, efficiently computable endomorphisms are required to apply GLV for the elliptic curves. This paper shows the GLV technique by deriving efficiently computable endomorphism for Kachisa-Schaefer-Scott (KSS) curve defined over degree 16 extension field. In addition, the authors show explicit formulas to compute the GLV method together with Straus-Shamir simultaneous multi-scalar multiplication technique for 2, 4 and 8 dimensions in G 2 group. The comparative implementation shows that dimension 4 gives faster computational time than dimension 8 and 2.

DOI： 10.1109/CANDAR.2018.00021

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2018.html#KhandakerNKN18

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

© 2018 IEEE. In recent years, many innovative cryptography protocols based on the pairing. Finding out an efficient extension field construction is one of the prerequisites for a practical pairing implementation. The author tries to find an elegant extension field construction which will result in efficient pairing over Barreto-Naehrig (BN) curve. In this paper, two construction methods are considered for extension field of degree 12, and one of them results in an efficient exponentiation and the other enables to compute faster Miller loop than the former one. Therefore, a method which uses a basis conversion matrix between the two extension field is proposed. In comparison to the performance of Aranha et al.'s towering, the proposed implementation results in the efficient exponentiation in a multiplicative group, although pairing cost is slightly increased.

DOI： 10.1109/CANDARW.2018.00087

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2018w.html#NanjoKKN18

掲載種別：研究論文（国際会議プロシーディングス）  

To identify semiconductor devices that are dominant noise sources at low cost in order to reduce electromagnetic interference (EMI), we propose a method based on a noise source amplitude modulation technique and correlation analysis (NSM-CA). In this study, we applied the NSM-CA method to a printed circuit board (PCB) with multiple integrated circuits (ICs) and identified ICs dominantly contributing to EM emission. The switching currents produced in three of the ICs were modulated in amplitude with three different modulation signals. The noise source amplitude modulation was implemented in an FPGA, mounted on a PCB, by using three pseudorandom binary sequences (PRBSs) as modulation signals. During the modulations, EM emission was measured at frequencies where the emission exceeded the limit of EMI regulation. The temporal variation in the measured emission was correlated with each of the PRBSs. The ranking of the contributions of the ICs to the emission was determined by means of the resultant correlation coefficients. According to the ranking, the dominant ICs to which a combination of EMI reduction techniques should be primarily applied were identified. Moreover, we applied an EMI reduction technique to the dominant ICs and found a larger reduction in emission than when the technique was applied to low priority ICs.

DOI： 10.1109/EMCEurope.2018.8485011

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Cryptography is one of the most important elements on the information security. In this paper, we propose a construction method of a long-period binary sequence with good randomness which plays an important role in cryptography. We generate the sequence by combining two types of binary sequences; one is the m-sequence and the other is a quadratic congruential sequence proposed by Knuth. It is well known that the m-sequence has good statistical properties, and Knuth's method can generate a long period sequence. However, both of these sequences cannot pass the almost NIST statistical tests by stand-alone. We derive a binary sequence combining these two sequences. In addition; we also consider the reasons why the proposed sequence has good randomness properties.

DOI： 10.1109/ICCE-China.2018.8448725

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

With the spread of loT, it is necessary to implement of encryption and decryption in order to secure information handled by each device. We focus on generating a sequence having random number property for a microcomputer with a short available bit length. We propose binary sequences combined from two random number sequences of 16 bits or less, one is an interleaving operation and the other is a combination by using a Gray code. In this paper, we discussed about how to generate a sequence and random number properties.

DOI： 10.1109/ICCE-China.2018.8448887

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

This paper presents an efficient arithmetic in extension field based on Cyclic Vector Multiplication Algorithm that reduces calculation costs over cubic extension for elliptic curve pairing cryptography. In addition, we evaluate the calculation costs compared to Karatsuba-based method.

DOI： 10.1109/ICCE-China.2018.8448573

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

Copyright © 2018 The Institute of Electronics, Information and Communication Engineers. Generalized Minimum Distance (GMD) decoding is a well-known soft-decision decoding for linear codes. Previous research on GMD decoding focused mainly on unquantized AWGN channels with BPSK signaling for binary linear codes. In this paper, a study on the design of a 4-level uniform quantizer for GMD decoding is given. In addition, an extended version of a GMD decoding algorithm for a 4-level quantizer is proposed, and the effectiveness of the proposed decoding is shown by simulation.

DOI： 10.1587/transfun.E101.A.1235

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ieicet/ieicet101a.html#UedaIKKAN18

掲載種別：研究論文（国際会議プロシーディングス）  

© 2017 IEEE. The security of Internet of Things (IoT) devices is one of the most important problems. The processing ability of IoT devices is limited, therefore a more light-weight and secure cryptography is necessary. This paper shows the implementation of 256-bit Elliptic Curve Cryptography (ECC) on an 8-bit microcontroller by applying towering for extension field of degree 32. The authors use a twisted Montgomery curve with a Montgomery ladder which enables fast calculations without inverse elements. In addition to that, this implementation is considered resistant to the Side Channel Attack (SCA) since it applies the Montgomery ladder for the scalar multiplication (SCM). This ECC implementation on Arduino UNO, an 8-bit microcontroller board, takes 3 seconds for an SCM which can be made faster by careful assembly implementation.

DOI： 10.1109/CANDAR.2017.90

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 10.1587/transfun.E101.A.1525

Web of Science

Scopus

researchmap

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In this research, the choice of the parameter for a method to generate distinguished rational points in Pollard's Rho method to solve the elliptic curve discrete logarithm problem for Barreto-Naehrig (BN) curves is shown. The structures of random walk paths are confirmed by experiments for several BN curves. From the results, the authors clarify the conditions in which the Rho method does not stop during an attack, and the authors also show an indication for the choice of the parameter for the method to generate distinguished points with large bits of ECDLP.

DOI： 10.23919/ISITA.2018.8664405

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In this research, the choice of the parameter of the Montgomery trick in Pollard's Rho method to solve the elliptic curve discrete logarithm problem for Barreto-Naehrig (BN) curves is shown. The average number of generated rational points per unit time is chosen as a measure of the effectiveness of the choice of the parameter of the Montgomery trick. The results are derived from a sufficient number of experiments with several BN curves.

DOI： 10.23919/ISITA.2018.8664242

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Simeck family block cipher was proposed in CHES 2015. It is a kind of lightweight block cipher provide various block and key size. In this paper, we proposed efficient parallel implementation of Simeck with GPGPU by using OpenCL and present performance of Simeck parallel implementation.

Web of Science

researchmap

掲載種別：研究論文（学術雑誌）  

In the age of IoT, pairing-based cryptography (PBC) can play an important role as a public key cryptography since it enables several innovative protocols such as anonymous encryption, certificate less authentication and so on. However, due to the computation complexity, PBC is often regarded computationally unfeasible for IoT devices. Therefore, this paper tries to push that limit by efficiently calculating pairing operation together with scalar multiplication and exponentiation over Barreto-Naehrig (BN) curve by applying the state of art techniques. In addition to the theoretic explanation of the applied techniques, the authors also show a high-level implementation using C programming on a raspberry pi model 3 B, instead of hardware specific implementation.

DOI： 10.12720/jcm.13.2.88-93

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE Computer Society  

DOI： 10.1109/CANDARW.2018.00061

Web of Science

Scopus

researchmap

掲載種別：研究論文（学術雑誌）  

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

With the matter of secure communication between devices, and especially for IoT devices, more and more applications need trustful protocols to communicate using public key cryptography. Elliptic curve cryptography is nowadays a very secure and efficient public key cryptography method. One of the most recent and secure curve is Curve25519 and one of its failure is attack on low-order elements during a Diffie-Hellman key exchange. This document demonstrates that an attack using an order 4 point is possible on an embedded system with a simple power analysis, pointing out every IoT using Curve255119 as a cryptographic method, a potential target to side-channel attacks.

DOI： 10.23919/ISITA.2018.8664293

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/isita/isita2018.html#UetakeSKNWD18

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

The development of the autonomous driving and the connected services severely increase security threats on old automotive technologies that are still present on-board vehicles since the long incremental process were employed. For example, the Controller Area Network (CAN) bus, which was standardized in 1991, can be connected to modern Linux embedded computer nodes where evil attacker might be able to exploit a vulnerability on the nodes. However, it is not easy to implement countermeasures on the CAN bus, since the strict requirements and limited performances of CAN specification. That is one of the major reason for the new standard CAN Flexible Data-rate (CAN FD) has been released in 2012 by Bosch to fill the gap between these challenges and the CAN protocol. In this research, a new simple authentication protocol for CAN FD is proposed, and the protocol is evaluated by experiments. The results show that the proposed protocol prevents infected nodes from usurping identity of a critical node and forge messages, with practical computational complexity on modern low-power embedding boards.

DOI： 10.1109/CANDARW.2018.00057

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2018w.html#CarelIKNA18

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE Computer Society  

DOI： 10.1109/CANDARW.2018.00087

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In recent years, with the increase in physical distribution volume, unmanned transportation robots are expected as an alternative means of transporting baggage in factories and warehouses. The development of a control system for cooperative transportation by multiple robots is important when the objects to be transported are long and exceed the size and the weight limit. From this, we develop a control system for cooperative transportation using two robots independently driven by two wheels. In this paper, a communication system between two mobile robots and a host PC is constructed by using ROS, and a sub-goal is generated to each robot to realize a cooperative running with two robots. The effectiveness of the proposed method is verified through an experiment that the controlled point of an object is subject to a movement along the square of 1 m.

DOI： 10.1109/SMC.2018.00296

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/smc/smc2018.html#MorishitaMNW18

掲載種別：研究論文（学術雑誌）  

DOI： 10.1587/transfun.E101.A.1235

researchmap

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE Computer Society  

Pairing-based protocols are getting popular in many cryptographic applications. Pairing algorithms involve computations on elements in all three pairing groups, G 1 , G 2 and G 3 ; however, most protocols usually require additional scalar multiplication and exponentiation in any of these three groups. The Gallant-Lambert-Vanstone (GLV) method is an elegant technique to accelerate the scalar multiplication which can reduce the number of elliptic curve doubling by using Straus-Shamir simultaneous multi-scalar multiplication technique. However, efficiently computable endomorphisms are required to apply GLV for the elliptic curves. This paper shows the GLV technique by deriving efficiently computable endomorphism for Kachisa-Schaefer-Scott (KSS) curve defined over degree 16 extension field. In addition, the authors show explicit formulas to compute the GLV method together with Straus-Shamir simultaneous multi-scalar multiplication technique for 2, 4 and 8 dimensions in G 2 group. The comparative implementation shows that dimension 4 gives faster computational time than dimension 8 and 2.

DOI： 10.1109/CANDAR.2018.00021

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

To identify semiconductor devices that are dominant noise sources at low cost in order to reduce electromagnetic interference (EMI), we propose a method based on a noise source amplitude modulation technique and correlation analysis (NSM-CA). In this study, we applied the NSM-CA method to a printed circuit board (PCB) with multiple integrated circuits (ICs) and identified ICs dominantly contributing to EM emission. The switching currents produced in three of the ICs were modulated in amplitude with three different modulation signals. The noise source amplitude modulation was implemented in an FPGA, mounted on a PCB, by using three pseudorandom binary sequences (PRBSs) as modulation signals. During the modulations, EM emission was measured at frequencies where the emission exceeded the limit of EMI regulation. The temporal variation in the measured emission was correlated with each of the PRBSs. The ranking of the contributions of the ICs to the emission was determined by means of the resultant correlation coefficients. According to the ranking, the dominant ICs to which a combination of EMI reduction techniques should be primarily applied were identified. Moreover, we applied an EMI reduction technique to the dominant ICs and found a larger reduction in emission than when the technique was applied to low priority ICs.

Web of Science

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

This paper focuses on the Maximum Order Complexity of a pseudorandom sequence for security applications called NTU sequence. It shows the maximum feature on the nonlinear property and several properties have been theoretically proven. However, the NTU sequence requires a uniformization technique to overcome the drawback on its bits distribution. The technique has already proposed but the non-liear feature still has not investigated. Therefore, this paper evaluates the affects on the non-linear feature of the original NTU sequence by using Maximum Order Complexity.

Web of Science

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Institute of Electrical and Electronics Engineers Inc.  

In this paper, we will propose a digital watermarking for voice signals recorded by a digital voice recorder especially in conferences. We will discuss some requirements for detecting falsifications in the voice signal, because the conference record has the probability that a conclusion is changed for only a falsification in a little time interval. Next, we will show a method of locating an altered place in the voice signal and a new idea applying a white Gaussian noise for guarantee of the valid voice signal without falsification. One characteristic of our proposal is an agitation depending on a peak spectrum for making it difficult to illegally change the embedded watermark.

DOI： 10.1109/ICCE-China.2017.7991091

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

© 2017 IEEE. The Internet of Things (IoT) provides much convenient life for us, at the same time it has brought threats for our privacy. In this context, secure and efficient cryptosystem is required to which pseudorandom sequence plays an important role. Especially, the distribution of bit patterns in the pseudorandom sequence is one of important security aspects. This paper especially focuses on the bit patterns and the distribution in an NTU sequence. As a result of a lot of observation, an important assumption about the distribution of bit patterns in an NTU sequence is introduced. It will help to obtain the balanced NTU sequence in order to enhance the security of cryptosystem on IoT communications.

DOI： 10.1109/ICCE-China.2017.7991033

Web of Science

Scopus

researchmap

掲載種別：研究論文（国際会議プロシーディングス）  

© 2017 IEEE. In this paper, the authors apply two modular exponentiation algorithms such as left-to-right binary method and Montgomery powering ladder algorithm on Raspberry Pi and evaluate their security against Side-channel attack.

DOI： 10.1109/ICCE-China.2017.7991108

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

The authors in this paper have proposed a multi-value sequence generated by a primitive polynomial, trace function, k-th power residue symbol, and a certain mapping function over the proper sub extension field. Here, the trace function actually maps an element of the extension field to an element of the proper sub extension field, which is actually a vector space. The distribution of numbers within the sequence becomes more balanced by considering the proper sub extension field. In addition, its period and autocorrelation properties also observed in this paper.

DOI： 10.1109/ICCE-China.2017.7991089

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：SPRINGER INTERNATIONAL PUBLISHING AG  

The security of cryptographic protocols which are based on elliptic curve cryptography relies on the intractability of elliptic curve discrete logarithm problem (ECDLP). In this paper, the authors describe techniques applied to solve 114-bit ECDLP in Barreto-Naehrig (BN) curve defined over the odd characteristic field. Unlike generic elliptic curves, BN curve holds an especial interest since it is well studied in pairing-based cryptography. Till the date of our knowledge, the previous record for solving ECDLP in a prime field was 112-bit by Bos et al. in Certicom curve ‘secp112r1’. This work sets a new record by solving 114-bit prime field ECDLP of BN curve using Pollard’s rho method. The authors utilized sextic twist property of the BN curve to efficiently carry out the random walk of Pollard’s rho method. The parallel implementation of the rho method by adopting a client-server model, using 2000 CPU cores took about 6 months to solve the ECDLP.

DOI： 10.1007/978-3-319-78556-1_13

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

DOI： 10.1109/IWSDA.2017.8097082

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

DOI： 10.1109/IWSDA.2017.8095741

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

DOI： 10.1109/IWSDA.2017.8095739

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE Computer Society  

DOI： 10.1109/CANDAR.2017.86

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：SPRINGER INTERNATIONAL PUBLISHING AG  

Acceleration of a pairing calculation of an Ate-based pairing such as Optimal Ate pairing depends not only on the optimization of Miller algorithm's loop parameter but also on efficient elliptic curve arithmetic operation and efficient final exponentiation. Some recent works have shown the implementation of Optimal Ate pairing over Kachisa-Schaefer-Scott (KSS) curve of embedding degree 18. Pairing over KSS curve is regarded as the basis of next generation security protocols. This paper has proposed a pseudo 12-sparse multiplication to accelerate Miller's loop calculation in KSS curve by utilizing the property of rational point groups. In addition, this papers has showed an enhancement of the elliptic curve addition and doubling calculation in Miller's algorithm by applying implicit mapping of its sextic twisted isomorphic group. Moreover this paper has implemented the proposal with recommended security parameter settings for KSS curve at 192 bit security level. The simulation result shows that the proposed pseudo 12-sparse multiplication gives more efficient Miller's loop calculation of an Optimal Ate pairing operation along with recommended parameters than pairing calculation without sparse multiplication.

DOI： 10.1007/978-3-319-53177-9_11

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/icisc/icisc2016.html#KhandakerONSD16

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

The Internet of Things (IoT) provides much convenient life for us, at the same time it has brought threats for our privacy. In this context, secure and efficient cryptosystem is required to which pseudorandom sequence plays an important role. Especially, the distribution of bit patterns in the pseudorandom sequence is one of important security aspects. This paper especially focuses on the bit patterns and the distribution in an NTU sequence. As a result of a lot of observation, an important assumption about the distribution of bit patterns in an NTU sequence is introduced. It will help to obtain the balanced NTU sequence in order to enhance the security of cryptosystem on IoT communications.

DOI： 10.1109/ICCE-China.2017.7991033

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In this paper, the authors apply two modular exponentiation algorithms such as left-to-right binary method and Montgomery powering ladder algorithm on Raspberry Pi and evaluate their security against Side-channel attack.

DOI： 10.1109/ICCE-China.2017.7991108

Web of Science

Scopus

researchmap

掲載種別：研究論文（学術雑誌）  

researchmap

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Springer  

In this paper, we revisited the parallel implementation of SIMON and SPECK block ciphers. The performances of SIMON and SPECK are significantly improved by using ARM NEON SIMD (Single Instruction Multiple Data) parallel computing and OpenMP SIMT (Single Instruction Multiple Thread). We optimized the implementation on ARM NEON architecture. For optimized NEON, we reduced the number of registers for round key and increased the number of registers for plaintexts. Furthermore, we proposed the efficient forward and backward alignment methods. Finally, we maximize the performance by using SIMT (Single Instruction Multiple Threads). In the case of performance of proposed methods and proposed methods with SIMT, SIMON 128/128 encryption within 32.4, 14.3 cycles/byte, SIMON 128/192 encryption within 30.1, 15.9 cycles/byte, SIMON 128/256 encryption within 32.4, 16.9 cycles/byte, SPECK 128/128 encryption within 9.7, 5.1 cycles/byte, SPECK 128/192 encryption within 10.4, 5.6 cycles/byte, SPECK 128/256 encryption within 11.0, and 5.6 cycles/byte respectively on ARM Cortex-A53 environment.

DOI： 10.1007/978-3-319-93563-8_24

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：SPRINGER INTERNATIONAL PUBLISHING AG  

Efficiency of the next generation pairing based security protocols rely not only on the faster pairing calculation but also on efficient scalar multiplication on higher degree rational points. In this paper we proposed a scalar multiplication technique in the context of Ate based pairing with Kachisa-Schaefer-Scott (KSS) pairing friendly curves with embedding degree k = 18 at the 192-bit security level. From the systematically obtained characteristics p, order r and Frobenious trace t of KSS curve, which is given by certain integer z also known as mother parameter, we exploit the relation #E(F-p) = p + 1-t mod r by applying Frobenius mapping with rational point to enhance the scalar multiplication. In addition we proposed z-adic representation of scalar s. In combination of Frobenious mapping with multi-scalar multiplication technique we efficiently calculate scalar multiplication by s. Our proposed method can achieve 3 times or more than 3 times faster scalar multiplication compared to binary scalar multiplication, sliding-window and non-adjacent form method.

DOI： 10.1007/978-3-319-56549-1_19

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/wisa/wisa2016.html#KhandakerNSD16

掲載種別：研究論文（国際会議プロシーディングス）  

© Springer International Publishing AG 2017. Efficiency of the next generation pairing based security protocols rely not only on the faster pairing calculation but also on efficient scalar multiplication on higher degree rational points. In this paper we proposed a scalar multiplication technique in the context of Ate based pairing with Kachisa-Schaefer-Scott (KSS) pairing friendly curves with embedding degree k = 18 at the 192-bit security level. From the systematically obtained characteristics p, order r and Frobenious trace t of KSS curve, which is given by certain integer z also known as mother parameter, we exploit the relation #E(F p) = p+1−t mod r by applying Frobenius mapping with rational point to enhance the scalar multiplication. In addition we proposed z-adic representation of scalar s. In combination of Frobenious mapping with multi-scalar multiplication technique we efficiently calculate scalar multiplication by s. Our proposed method can achieve 3 times or more than 3 times faster scalar multiplication compared to binary scalar multiplication, sliding-window and non-adjacent form method.

DOI： 10.1007/978-3-319-56549-1_19

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：SPRINGER INTERNATIONAL PUBLISHING AG  

Following the emergence of Kim and Barbulescu’s new number field sieve (exTNFS) algorithm at CRYPTO’16 [21] for solving discrete logarithm problem (DLP) over the finite field; pairing-based cryptography researchers are intrigued to find new parameters that confirm standard security levels against exTNFS. Recently, Barbulescu and Duquesne have suggested new parameters [3] for well-studied pairing-friendly curves i.e., Barreto-Naehrig (BN) [5], Barreto-Lynn-Scott (BLS-12) [4] and Kachisa-Schaefer-Scott (KSS-16) [19] curves at 128-bit security level (twist and sub-group attack secure). They have also concluded that in the context of Optimal-Ate pairing with their suggested parameters, BLS-12 and KSS-16 curves are more efficient choices than BN curves. Therefore, this paper selects the atypical and less studied pairing-friendly curve in literature, i.e., KSS-16 which offers quartic twist, while BN and BLS-12 curves have sextic twist. In this paper, the authors optimize Miller’s algorithm of Optimal-Ate pairing for the KSS-16 curve by deriving efficient sparse multiplication and implement them. Furthermore, this paper concentrates on the Miller’s algorithm to experimentally verify Barbulescu et al.’s estimation. The result shows that Miller’s algorithm time with the derived pseudo 8-sparse multiplication is most efficient for KSS-16 than other two curves. Therefore, this paper defends Barbulescu and Duquesne’s conclusion for 128-bit security.

DOI： 10.1007/978-3-319-71667-1_10

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

The security of Internet of Things (IoT) devices is one of the most important problems. The processing ability of IoT devices is limited, therefore a more light-weight and secure cryptography is necessary. This paper shows the implementation of 256-bit Elliptic Curve Cryptography (ECC) on an 8-bit microcontroller by applying towering for extension field of degree 32. The authors use a twisted Montgomery curve with a Montgomery ladder which enables fast calculations without inverse elements. In addition to that, this implementation is considered resistant to the Side Channel Attack (SCA) since it applies the Montgomery ladder for the scalar multiplication (SCM). This ECC implementation on Arduino UNO, an 8-bit microcontroller board, takes 3 seconds for an SCM which can be made faster by careful assembly implementation.

DOI： 10.1109/CANDAR.2017.90

Web of Science

Scopus

researchmap

掲載種別：研究論文（学術雑誌）  

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/corr/corr1709.html#abs-1709-05163

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Binary extension field F28 is recently used for AES encryption and IoT (Internet of Things) security with PUF (Physical Unclonable Function). The calculations over tower field such as F(24)2 or F((22)2)2 become more efficient than that of over F28. This paper focuses on the efficient calculations over F(24)2.

DOI： 10.1109/ICCE-TW.2016.7520896

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

This paper proposes a dynamic job scheduling method for reliable and high-performance volunteer computing. In volunteer computing, each job is replicated and allocated to multiple participants (workers) to remove incorrect results by a voting mechanism. Hence, the number of workers necessary to complete a job is an important factor for the system performance; however, this is not well-considered in the existing methods. The proposed method defines the expected probability of completion for each job based on the worker's secession probability. By allocating each job so that the expected probability is always greater than a specified value, the proposed method avoids excess job allocation, which leads to the higher performance. The performance of the proposed method is evaluated by computer simulation, under the two scenarios of workers having uniform and different processing speeds. It is found that the performance of the proposed method is higher than the existing method especially under the practical latter scenario.

DOI： 10.1109/ICISSEC.2015.7370964

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In elliptic curve cryptography (ECC), a scalar multiplication for rational point is the most time consuming operation. This paper proposes an efficient calculation for a scalar multiplication by applying Frobenious Mapping. Particularly, this paper deals with Barreto-Naehrig curve defined over extension field F-q(2), where q - p(6) and p is a large prime.

DOI： 10.1109/ICCE-TW.2016.7520894

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Barreto-Naehrig (BN) curve is a well studied pairing friendly curve of embedding degree 12, that uses arithmetic in F-p12. Therefore the arithmetic of F-p12 extension field is well studied. In this paper, we have proposed an efficient approach of arithmetic operation over the extension field of degree 18 by towering. F-p18 extension field arithmetic is considered to be the basis of implementing the next generation pairing based security protocols. We have proposed to use F-p element to construct irreducible binomial for building tower of extension field up to F-p6, where conventional approach uses the root of previous irreducible polynomial to create next irreducible polynomials. Therefore using F-p elements in irreducible binomial construction, reduces the number of multiplications in F-p to calculate inversion and multiplication over F-p18, which effects acceleration in total arithmetic operation over F-p18.

DOI： 10.1109/ICCITECHN.2016.7860209

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Pairing based cryptography is considered as the next generation of security for which it attracts many researcher to work on faster and efficient pairing to make it practical. Among the several challenges of efficient pairing; efficient scalar multiplication of rational point defined over extension field of degree k >= 12 is important. However, there exists isomorphic rational point group defined over relatively lower degree extension field. Exploiting such property, this paper has showed a mapping technique between isomorphic rational point groups in the context of Ate-based pairing with Kachisa-Schaefer-Scott (KSS) pairing friendly curve of embedding degree k = 18. In the case of KSS curve, there exists sub-field sextic twisted curve that includes sextic twisted isomorphic rational point group defined over F(p)3. This paper has showed the mapping procedure from certain F(p)18 rational point group to its sub-field isomorphic rational point group in F(p)3 and vice versa. This paper has also showed that scalar multiplication is about 20 times faster after applying the proposed mapping which in-turns resembles that the impact of this mapping will greatly enhance the pairing operation in KSS curve.

DOI： 10.1109/CANDAR.2016.38

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2016.html#KhandakerN16

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Web of Science

Scopus

researchmap

その他リンク： http://dblp.uni-trier.de/db/conf/isita/isita2016.html#conf/isita/ArshadNOIUMT16

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE Computer Society  

DOI： 10.1109/CANDAR.2016.0109

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Pseudo random sequences play an important role in cryptography and network security system. This paper proposes a new approach for generation of pseudo random sequence over odd characteristic field. The sequence is generated by applying a primitive polynomial over odd characteristic field, trace function and mobius function. Then, some important properties of the newly generated sequence such as period, autocorrelation and cross-correlation have been studied in this work. The properties of the generated sequence are evaluated on various bit length of odd characteristics. Finally, the experimental results are compared with existing works which show the superiority of the proposed sequence over existing ones.

Web of Science

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In our previous work, well balanced pseudo random signed binary sequence generated by using trace function and Legendre symbol has been researched. Our previous sequence generated by applying primitive polynomial over odd characteristic field F-p, trace function and Legendre symbol. The important features such as period, periodic autocorrelation, and cross-correlation have already been well discussed in our previous work. In this paper, the signed binary sequence is generated by utilizing one additional parameter A. Let p be an odd prime and F-p is an odd characteristic prime field and m be the degree of the primitive polynomial f(x). The procedure for generating sequence is as follows: primitive polynomial f (x) generates maximum length vector sequence, then trace function Tr (.) maps an element of extension field F(p)m to an element of prime field F-p, next a non-zero scalar A is an element of F-p is added to the trace value and finally Legendre symbol is used to map the scalars into signed binary sequence. In this paper, the authors have restricted the discussion on linear complexity and linear complexity profile properties of signed binary sequence based on some experimental results.

DOI： 10.1109/ICCITECHN.2016.7860207

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：SPRINGER INTERNATIONAL PUBLISHING AG  

In this paper we revisited the parallel implementations of LEA. By taking the advantages of both the light-weight features of LEA and the parallel computation abilities of ARM-NEON platforms, performance is significantly improved. We firstly optimized the implementations on ARM and NEON architectures. For ARM processor, barrel shifter instruction is used to hide the latencies for rotation operations. For NEON engine, the minimum number of NEON registers are assigned to the round key variables by performing the on-time round key loading from ARM registers. This approach reduces the required NEON registers for round key variables by three registers and the registers and temporal registers are used to retain four more plaintext for encryption operation. Furthermore, we finely transform the data into SIMD format by using transpose and swap instructions. The compact ARM and NEON implementations are combined together and computed in mixed processing way. This approach hides the latency of ARM computations into NEON overheads. Finally, multiple cores are fully exploited to perform the maximum throughputs on the target devices. The proposed implementations achieved the fastest LEA encryption within 3.2 cycle/byte for Cortex-A9 processors.

DOI： 10.1007/978-3-319-56549-1_27

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/wisa/wisa2016.html#SeoPHSBHZNZK16

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Pseudo random sequences play an important role in cryptography and network security system. This paper proposes a new approach for generation of pseudo random sequence over odd characteristic field. The sequence is generated by applying a primitive polynomial over odd characteristic field, trace function and möbius function. Then, some important properties of the newly generated sequence such as period, autocorrelation and cross-correlation have been studied in this work. The properties of the generated sequence are evaluated on various bit length of odd characteristics. Finally, the experimental results are compared with existing works which show the superiority of the proposed sequence over existing ones.

DOI： 10.1109/IWCI.2016.7860341

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/iwci/iwci2016.html#AkhterN16

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Let p be an odd prime number as the characteristic of finite field, this paper introduces a pseudo random binary sequence generated by a primitive polynomial of degree 2 over F-p, trace function, and Legendre symbol. Then, its period and autocorrelation are introduced with a small example.

DOI： 10.1109/ICCE-TW.2016.7520895

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

DOI： 10.1007/978-3-662-48324-4_4

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ches/ches2015.html#UenoHSNA15

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

It is shown that public key cryptosystems based on discrete logarithm probrem can be solved if the quantum computer and Shor's algorithm are realized. Thus a new cryptosystem called post-quantum cryptosystem so as not to be broken by quantum computer is needed. NTRU is proposed by Hoffstein et al. in 1998. It is one of post-quantum cryptosystem. It is based on problems on lattice for which there are no efficient algorithms to solve. In NTRU, using convolution polynomial ring as Zq[X]/(Xn-1). However, (X-1), that is a trivial factor of Xn-1 sometimes make problems. Thus we consider a variant using a quotient polynomial ring such as Zq[X]/(Xn + Xx-1 +...+X + 1) and CVMA: Cyclic Vector Multiplication Algorithm.

DOI： 10.1109/ICCE-TW.2015.7216956

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

This paper presents the performance evaluations of GMP-based applications on Web-based Volunteer Computing (VC) systems. Web-based VC is expected to gather many volunteer participants (workers) by allowing workers to execute a computation program (job) on Web browsers. On the other hand, the job execution performance on workers degraded because jobs are executed on Web browsers. To reveal the actual performance of Web-based VC, we convert practical applications which use GMP, that is a multi-precision library for scientific computations, and evaluate its performance. The experimental results show that the performance degradation is negligibly small in some cases, e.g. a short bit-length of arguments. This paper also shows a potential for the performance improvement of Web-based VC by substituting GMP functions.

DOI： 10.1109/ICCE-TW.2015.7216970

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

This paper addresses a job scheduling problem in Volunteer Computing (VC) systems, where some malicious participant may return incorrect results (sabotaging). Credibility-based job scheduling method, namely ENR-ECJ, is a promising approach to realize high-performance and sabotage-tolerant VC systems based on the credibility of each participant (worker). However, managing the credibility values in the management node may cause considerable performance degradation of whole the system. By implementing ENR-ECJ into a small scale VC system, this paper demonstrates the primacy of ENR-ECJ over existing methods and reveals its condition through the performance evaluation for various number of workers. The results show that ENR-EJC improves the overall performance about 10% when the access frequency of workers is less than 2 per second.

DOI： 10.1109/ICCE-TW.2015.7216948

Web of Science

Scopus

researchmap

掲載種別：研究論文（学術雑誌）  

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/iacr/iacr2015.html#Seo0NCK15a

掲載種別：研究論文（学術雑誌）  

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/iacr/iacr2015.html#Seo0NCK15

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Springer  

Binary field multiplication is the most fundamental building block of binary field Elliptic Curve Cryptography (ECC) and Galois/Counter Mode (GCM). Both bit-wise scanning and Look-Up Table (LUT) based methods are commonly used for binary field multiplication. In terms of Side Channel Attack (SCA), bit-wise scanning exploits insecure branch operations which leaks information in a form of timing and power consumption. On the other hands, LUT based method is regarded as a relatively secure approach because LUT access can be conducted in a regular and atomic form. This ensures a constant time solution as well. In this paper, we conduct the SCA on the LUT based binary field multiplication. The attack exploits the horizontal Correlation Power Analysis (CPA) on weights of LUT. We identify the operand with only a power trace of binary field multiplication. In order to prevent SCA, we also suggest a mask based binary field multiplication which ensures a regular and constant time solution without LUT and branch statements.

DOI： 10.1007/978-3-319-31875-2_14

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/wisa/wisa2015.html#SeoC0NPCK15

掲載種別：研究論文（学術雑誌）  

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/iacr/iacr2015.html#SeoC0NPCK15

掲載種別：研究論文（学術雑誌）  

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/iacr/iacr2015.html#UenoHSNA15

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Recently, binary sequences generated by chaotic maps have been widely studied. In particular, the logistic map is used as one of the chaotic map. However, if the logistic map is implemented by using finite precision computer arithmetic, rounding is required. In order to avoid rounding, Miyazaki, Araki, Uehara and Nogami proposed the logistic map over finite fields, and show some properties of sequences generated by the logistic map over finite fields. In this paper, we show some properties of periods of sequences generated by the logistic map over finite fields with control parameter four. In particular, we show conditions for parameters and initial values to have a long period, and asymptotic properties for periods by numerical experiments.

DOI： 10.1109/IWSDA.2015.7458394

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/iwsda/iwsda2015.html#TsuchiyaN15

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE Computer Society  

DOI： 10.1109/CANDAR.2015.53

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

An anonymous credential system allows a user to convince a service provider anonymously that he/she owns certified attributes. Previously, we proposed a paring-based anonymous credential system with constant size of proofs, where the combinations of logical AND and OR relations on user attributes can be proved as CNF formulas. However, this system has a problem of requiring large online computation time during authentication, which depends on the number of AND relations in the proved formula. In this paper, we propose an efficiency improvement of the computational overhead based on online/offline precomputation technique. In our improvement, all exponentiations that can be used for the accumulator and witness computations are executed in advance in the precomputation algorithm. Thus, exponentiations in the online accumulator and witness computations are excluded, and only multiplications are needed. We implemented the system using a fast pairing library, and measured the processing times, while changing the size of the proved CNF formula. The experimental result shows that the computational costs of the proof generation in the case of using lots of AND relations are greatly reduced than the previous system. Hence, it is practical for mobile users.

DOI： 10.1109/ICEEICT.2015.7307538

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

An anonymous credential system allows a user to convince a service provider anonymously that he/she owns certified attributes. Previously, an anonymous credential system was proposed to prove user's attributes to satisfy a monotone formula, i.e., a logic relation with any combination of AND/OR relations. However, this system has a problem of requiring large authentication time which depends on the number of attributes in the proved formula. In this paper, we propose methods to accelerate the authentication time by reducing the exponentiation costs for the calculations of accumulator and the witness which are used in the system. We implemented the accelerated system using a fast pairing library, and measured the authentication times, while changing the size of the proved relation.

DOI： 10.1109/ICCE-TW.2015.7216952

Web of Science

Scopus

researchmap

掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：Springer  

In this paper, we present high speed parallel multiplication and squaring algorithms for the Mersenne prime 2521 − 1. We exploit 1- level Karatsuba method in order to provide asymptotically faster integer multiplication and fast reduction algorithms. With these optimization techniques, ECDH on NIST’s (and SECG’s) curve P-521 requires 8.1/4M cycles on an ARM Cortex-A9/A15, respectively. As a comparison, on the same architecture, the latest OpenSSL 1.0.2d’s ECDH speed test for curve P-521 requires 23.8/18.7M cycles for ARM Cortex-A9/A15, respectively.

DOI： 10.1007/978-3-319-30840-1_11

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/icisc/icisc2015.html#Seo0NPCZK15

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Elliptic curve discrete logarithm problem (ECDLP) is the base of the security of elliptic curve cryptography (ECC). The verification of the security of ECC has been studied by solving an ECDLP. However, we need a large amount of computational resources for the verification. Then, this paper proposes a method gathering computational resources with Web-based Volunteer Computing (Web-based VC). This paper solves 70-bit ECDLP, and evaluates the computational performance of 2 types of the execution clients: Native Client (NaCl) and Portable NaCl (PNaCl). In the case of NaCl, 70-bit ECDLP was solved in 3086 seconds. On the other hand, in the case of PNaCl, 70-bit ECDLP was solved in 6583 seconds.

DOI： 10.1109/CANDAR.2015.46

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ic-nc/candar2015.html#KajitaniNMA15

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

In our previous work, k-value pseudo random sequence generated by power residue symbol has been researched. The sequence is generated by applying a primitive polynomial over odd characteristics field, trace function, and power residue symbol. The sequence has some important features such as period, periodic autocorrelation, and linear complexity. In this paper, by applying an additional process to the previous procedure, an extended multi-value sequence is generated. Its features, such as the period, periodic autocorrelation, periodic crosscorrelation, and linear complexity are examined in this paper. According to the results, the new sequence also has some interesting features.

DOI： 10.1109/ICISSEC.2015.7371002

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Vector decomposition problem has been proposed on some supersingular curves whose embedding degree is 2 for example. In order to apply the problem as a trapdoor for some innovative cryptosystems, it is necessary to make pairing-related calculations more efficient. Our previous work has considered an approach for Tate pairing on a supersingular curve of embedding degree 2 over extension field of extension degree 2. It improved both Miller's algorithm and final exponentiation that was required for the Tate pairing. In detail, one multiplication in the calculation of Miller's loop was eliminated by using a twist mapping. This paper shows a more improved calculation of pairing with some experimental result for the efficiency discussion.

DOI： 10.1109/ICISSEC.2015.7370982

Web of Science

Scopus

researchmap

掲載種別：研究論文（学術雑誌）  

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/corr/corr1510.html#TsuchiyaN15

掲載種別：研究論文（国際会議プロシーディングス）  

We analyzed equivalent current source of cryptographic circuits implemented on a field programmable gate array (FPGA). The equivalent current source represented internal switching current behaviors in the cryptographic circuits during an Advanced Encryption Standard (AES) operation. In this work, the internal current was analyzed for extracting leakage functions and correlation coefficients from scatter diagrams of the Hamming Distance (HD) of AES intermediate values and the current magnitudes. The obtained leakage functions were confirmed a well-known assumption on the HD power model that magnitude of switching current due to transition of register states is proportional to HD of the register. The internal current was also investigated in terms of correlation with the HD model. Correlation coefficients increased as transforming the external power trace in the internal current because two types of noise were reduced by the transform; constant noise and overlap effect of successive rounds. The noise reduction inferred that the use of the internal current source would provide more precise verification of countermeasures.

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

This paper investigated about introduction of the burst pulse injection method standardized for immunity tests to a cryptanalysis using faulty ciphertexts. We investigated the potential of the burst injection method to induce faulty ciphertexts experimentally. Firstly, the standard burst pulse was injected through the power cable to a cryptographic module implementing the Advanced Encryption Standard (AES) on a field programmable gate array (FPGA). As a result, it was confirmed that the burst pulse injection might cause clock glitches on the module. Secondly, the clock glitch was varied in magnitude and timing by use of two pulse generators and transmitted to the AES circuit to clarify what types of clock glitch induce critical faulty ciphertexts suited for recovering the crypto-key successfully. Results confirmed that the clock glitch had potential to induce faulty ciphertexts when it exceeded the threshold and produced a clock interval shorter than the critical path delay in the target round. The two experimental results suggested that burst pulse injection to cryptographic modules through their power cables is a possible scenario of fault analysis attacks.

Web of Science

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Pollard's rho method is well-known as an efficient method for solving discrete logarithm problem (DLP). This paper adopts the DLP on the so-denoted G(3) over Barreto-Naehrig curve, together with XTR group. Then, this paper shows this idea with the proposed algorithm, and the experimental computation time of solving the DLP is reduced by about 15%.

Web of Science

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Recently, ordinary pairing-friendly elliptic curves whose embedding degree is 1 have been often focused on, for example some composite order pairing-based cryptographies do. In the case of non-symmetric pairings whose embedding degree is larger than 2, recent efficient pairing techniques such as Rate and Xate pairings adopt a certain special rational point group with an efficient isomorphic mapping and then accelerate pairing-related operations such as a pairing calculation and a scalar multiplication. Based on cubic, quartic, and sextic twists, this paper shows how to activate these efficient techniques together with point compression on pairing-friendly curves of embedding degree 1. © 2011 IEEE.

DOI： 10.1109/icc.2011.5962421

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/icc/icc2011.html#IzutaNM11

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

Recently, ordinary pairing-friendly elliptic curves whose embedding degree is 1 have been often focused on, for example some composite order pairing-based cryptographies do. In the case of non-symmetric pairings whose embedding degree is larger than 2, recent efficient pairing techniques such as Rate and Xate pairings adopt a certain special rational point group with an efficient isomorphic mapping and then accelerate pairing-related operations such as a pairing calculation and a scalar multiplication. Based on cubic, quartic, and sextic twists, this paper shows how to activate these efficient techniques together with point compression on pairing-friendly curves of embedding degree 1.

Web of Science

researchmap

掲載種別：研究論文（学術雑誌）  

Recently, ubiquitous Internet-access services have been provided by Internet service providers (ISPs) by deploying wireless local area networks (LANs) in public spaces including stations, hotels, and coffee shops. The IEEE802.1X protocol is usually used for user authentications to allow only authorized users to access services. Then, although user personal information of access locations, services, and operations can be easily collected by ISPs and thus, their strict management has been demanded, it becomes very difficult when multiple ISPs provide roaming services by their corporations. In this paper, we present an anonymous IEEE802.1X authentication system using a group signature scheme to allow user authentication without revealing their identities. Without user identities, ISPs cannot collect personal information. As an efficient revocable group signature scheme, we adopt the verifier-local revocation (VLR) type with some modifications for use of the fast pairing computation. We show the implementation of our proposal and evaluation results where the practicality of our system is confirmed for up to 1,000 revoked users.

DOI： 10.2197/ipsjjip.18.63

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：SPRINGER-VERLAG BERLIN  

In the case of Barreto-Naehrig pairing-friendly curves of embedding degree 12 of order r, recent efficient Ate pairings such as R-ate, optimal, and Xate pairings achieve Miller loop lengths of (1/4) left perpendicularlog(2) r right perpendicular]. On the other hand, the twisted Ate pairing requires (3/4) left perpendicularlog(2) r right perpendicular] loop iterations, and thus is usually slower than the recent efficient Ate pairings. This paper proposes an improved twisted Ate pairing using Frobenius maps and a small scalar multiplication. The proposal splits the Miller&apos;s algorithm calculation into several independent parts, for which multi-pairing techniques apply efficiently. The maximum number of loop iterations in Miller&apos;s algorithm for the proposed twisted Ate pairing is equal to the (1/4) left perpendicularlog(2) r right perpendicular] attained by the most efficient Ate pairings.

DOI： 10.1007/978-3-642-14423-3_4

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/icisc/icisc2009.html#SakemiTNM09

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）   出版者・発行元：IEEE  

This paper shows two improvements of twisted te pairing with Barreto Naehrig curve so as to be efficiently carried out by dividing the calculation loops of Miller&apos;s algorithm based on divisor theorem. Then, this paper shows some experimental results from which it is shown that each improvements accelerate twisted- te pairing.

DOI： 10.1109/ICCIT.2009.203

Web of Science

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

DOI： 10.1109/ISCE.2009.5156956

Scopus

researchmap

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：Institute of Electronics, Information and Communication, Engineers, IEICE  

This paper proposes an extension field named TypeII AOPF. This extension field adopts TypeII optimal normal basis, cyclic vector multiplication algorithm, and Itoh-Tsujii inversion algorithm. The calculation costs for a multiplication and inversion in this field is clearly given with the extension degree. For example, the arithmetic operations in TypeII AOPF Fp5 is about 20% faster than those in OFF Fp5, Then, since CVMA is suitable for parallel processing, we show that Typell AOPF is superior to AOPF as to parallel processing and then show that a multiplication in TypeII AOPF becomes about twice faster by parallelizing the CVMA computation in TypeII AOPF. Copyright © 2005 The Institute of Electronics, Information and Communication Engineers.

DOI： 10.1093/ietfec/e88-a.5.1200

Scopus

researchmap

記述言語：日本語   出版者・発行元：一般社団法人映像情報メディア学会  

本稿では画像圧縮と切り取りに対して耐性をもつ電子透かし法を提案する.本手法では, まず透かしを挿入する対象画像にハール基底の離散ウェーブレット変換を施し, 多重解像度近似(MRA)を抽出する.そのMRAに対しPN系列を用いて周波数拡散を施し, その後1列ごとに1次元フーリエ変換を施す.得られたフーリエ係数を埋め込む透かし情報のピットに応じて増減させることにより情報を埋め込む.本手法は, PN系列を用いて周波数拡散しているため, 埋め込みに用いたPN系列を知らない第3者には解読・改竄はできないという特徴を有している.検出時には原画像のPN拡散を施したMRA成分と透かし情報の埋め込まれた画像のPN拡散MRAの差分を求め, 1次元離散フーリエ係数の変化分を算出している.このため切り取られた画像の一部分のデータからでも透かし情報の検出ができるという特徴をもっている.

DOI： 10.11485/itetr.25.83.0_49

CiNii Article

CiNii Books

researchmap

記述言語：英語   出版者・発行元：電子情報通信学会  

CiNii Article

researchmap

記述言語：英語   出版者・発行元：電子情報通信学会  

CiNii Article

researchmap

記述言語：英語   出版者・発行元：電子情報通信学会  

CiNii Article

CiNii Books

researchmap

DOI： 10.11309/jssst.36.95

Scopus

J-GLOBAL

researchmap

J-GLOBAL

researchmap

記述言語：英語   出版者・発行元：電気学会  

CiNii Article

researchmap

記述言語：英語   出版者・発行元：電気学会  

CiNii Article

CiNii Books

researchmap

記述言語：英語  

DOI： 10.18178/ijiee.2018.8.1.685

researchmap

DOI： 10.18178/ijiee.2018.8.1.685

researchmap

記述言語：英語   出版者・発行元：電子情報通信学会  

CiNii Article

CiNii Books

researchmap

記述言語：英語  

researchmap

記述言語：英語  

researchmap

記述言語：英語  

DOI： 10.24138/jcomss.v14i2.461

Web of Science

Scopus

researchmap

記述言語：英語  

DOI： 10.24138/jcomss.v14i1.446

Web of Science

Scopus

researchmap

researchmap

researchmap

researchmap

researchmap

J-GLOBAL

researchmap

J-GLOBAL

researchmap

J-GLOBAL

researchmap

記述言語：英語  

DOI： 10.1587/transfun.E100.A.2720

Web of Science

Scopus

arXiv

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ieicet/ieicet100a.html#TsuchiyaNU17

記述言語：日本語   出版者・発行元：電子情報通信学会  

CiNii Article

CiNii Books

researchmap

担当区分：筆頭著者   記述言語：英語  

DOI： 10.1587/transfun.E100.A.1816

Web of Science

Scopus

arXiv

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ieicet/ieicet100a.html#TsuchiyaN17

記述言語：英語  

DOI： 10.1587/transfun.E100.A.922

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ieicet/ieicet100a.html#BegumNUM17

担当区分：筆頭著者   記述言語：英語  

DOI： 10.1587/transfun.E100.A.1838

Web of Science

Scopus

researchmap

記述言語：英語  

DOI： 10.6109/jicce.2017.15.2.97

Scopus

researchmap

J-GLOBAL

researchmap

J-GLOBAL

researchmap

J-GLOBAL

researchmap

J-GLOBAL

researchmap

記述言語：英語  

DOI： 10.1002/sec.1462

Web of Science

Scopus

researchmap

記述言語：英語  

DOI： 10.1145/2890502

Web of Science

Scopus

researchmap

記述言語：英語   出版者・発行元：ASSOC COMPUTING MACHINERY  

In this article, we present a hybrid method to improve the performance of the Montgomery reduction by taking advantage of the Karatsuba technique. We divide the Montgomery reduction into two sub-parts, including one for the conventional Montgomery reduction and the other one for Karatsuba-aided multiplication. This approach reduces the multiplication complexity of n-limb Montgomery reduction from theta(n(2) + n) to asymptotic complexity theta(7n(2)/8 + n). Our practical implementation results over an 8-bit microcontroller also show performance enhancements by 11%.

DOI： 10.1145/2890502

Web of Science

researchmap

記述言語：英語  

DOI： 10.1145/2890502

Web of Science

researchmap

担当区分：筆頭著者   記述言語：英語  

DOI： 10.1587/transinf.2015ICP0018

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ieicet/ieicet99d.html#NogamiKIMN16

J-GLOBAL

researchmap

J-GLOBAL

researchmap

J-GLOBAL

researchmap

J-GLOBAL

researchmap

J-GLOBAL

researchmap

記述言語：英語  

DOI： 10.1587/transinf.2015PAP0027

Web of Science

researchmap

記述言語：英語   出版者・発行元：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

This paper addresses the problem of job scheduling in volunteer computing (VC) systems where each computation job is replicated and allocated to multiple participants (workers) to remove incorrect results by a votingmechanism. In the job scheduling of VC, the number of workers to complete a job is an important factor for the system performance; however, it cannot be fixed because some of the workers may secede in real VC. This is the problem that existing methods have not considered in the job scheduling. We propose a dynamic job scheduling method which considers the expected probability of completion (EPC) for each job based on the probability of worker's secession. The key idea of the proposed method is to allocate jobs so that EPC is always greater than a specified value (SPC). By setting SPC as a reasonable value, the proposed method enables to complete jobs without excess allocation, which leads to the higher performance of VC systems. We assume in this paper that worker's secession probability follows Weibull-distribution which is known to reflect more practical situation. We derive parameters for the distribution using actual trace data and compare the performance of the proposed and the previous method under the Weibull-distribution model, as well as the previous constant probability model. Simulation results show that the performance of the proposed method is up to 5 times higher than that of the existing method especially when the time for completing jobs is restricted, while keeping the error rate lower than a required value.

DOI： 10.1587/transinf.2015PAP0027

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ieicet/ieicet98d.html#MiyakoshiYWFN15

記述言語：英語   出版者・発行元：電子情報通信学会  

CiNii Article

CiNii Books

researchmap

記述言語：英語   出版者・発行元：ELSEVIER ADVANCED TECHNOLOGY  

Optimal Prime Fields (OPFs) are considered to be one of the best choices for lightweight elliptic curve cryptography implementations on resource-constraint embedded processors. In this paper, we revisit the efficient modular arithmetic over the special prime fields, and present improved implementations of modular multiplication and squaring for OPFs, called Optimal Prime Field Coarsely Integrated Operand Caching (OPF-CIOC) and Coarsely Integrated Sliding Block Doubling (OPF-CISBD) methods. The OPF-CIOC and OPF-CISBD methods follow the general ideas of (consecutive) operand caching and sliding block doubling techniques, respectively. The methods have been carefully optimized and redesigned for Montgomery multiplication and squaring in an integrated fashion. We then evaluate the practical performance of proposed methods on representative 8-bit AVR processor. Experimental results show that the proposed OPF-CIOC and OPF-CISBD methods outperform the previous best known results in ACNS'14 by a factor of 8% and 32%. Furthermore, our methods are implemented in a regular way which helps to reduce the leakage of side-channel information. (C) 2015 Elsevier Ltd. All rights reserved.

DOI： 10.1016/j.cose.2015.03.005

Web of Science

Scopus

researchmap

記述言語：英語  

DOI： 10.1016/j.cose.2015.03.005

Web of Science

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

現在主に利用されている公開鍵暗号の多くは,量子コンピューターの実現と,Shorのアルゴリズムによって破られることが示されている.この問題に対して,耐量子暗号と呼ばれる暗号の研究が行われている.NTRU暗号はHoffsteinらによって提案された耐量子暗号であり,円分多項式を用いるため,高速な演算が可能である.本研究では,これに対して円分多項式から自明な因数多項式を除いて与えられるAll One Polynomialと呼ばれる多項式を法とする多項式環All One Polynomial Ringを用いた方式を考える.この環上ではCVMAと呼ばれる乗算アルゴリズムが利用でき,NTRUと同様の理論で安全性に関する考察が行える.

CiNii Article

CiNii Books

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

吉田らは埋め込み次数2の超特異楕円曲線を用いたペアリング暗号におけるベクトル分解問題について詳細に考察を与えた.これをトラップドアとした暗号応用を考えると,ペアリングを高速化,効率化する必要があり,本稿では2次拡大体上の超特異楕円曲線を用いてTateペアリングの効率化を考える.Tateペアリングを構成するMillerのアルゴリズムと最終べきの両方に計算工夫を施した.超特異楕円曲線の性質を利用した計算の効率化,さらには曲線にツイスト写像を用いてMillerループ中の直線計算と接線計算の乗算を1回減らすことによって,どの程度ペアリングが効率化されたかを検討する.

CiNii Article

CiNii Books

researchmap

researchmap

記述言語：英語  

researchmap

J-GLOBAL

researchmap

J-GLOBAL

researchmap

J-GLOBAL

researchmap

J-GLOBAL

researchmap

J-GLOBAL

researchmap

J-GLOBAL

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

近年,GPUを数値演算に用いるGPGPUの環境が整い,GPGPUを用いた暗号実装の研究が盛んに行われている.本稿では,ペアリング暗号のための拡大体上で乗算が効率よく行える循環ベクトル乗算アルゴリズムについて,素体の標数を256bitとしてGPUにより実装を行った.その中で,乗算剰余算を効率よく行うために,モンゴメリ乗算を適用した.NVIDIA GeForce GTX680への実装では,CPU(Core i7 3970X)に対して10倍以上遅いという結果になった.

CiNii Article

CiNii Books

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

近年,GPUを数値演算に用いるGPGPUの環境が整い,GPGPUを用いた暗号実装の研究が盛んに行われている.本稿では,ペアリング暗号のための拡大体上で乗算が効率よく行える循環ベクトル乗算アルゴリズムについて,素体の標数を256bitとしてGPUにより実装を行った.その中で,乗算剰余算を効率よく行うために,モンゴメリ乗算を適用した.NVIDIA GeForce GTX680への実装では,CPU(Core i7 3970X)に対して10倍以上遅いという結果になった.

CiNii Article

CiNii Books

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

近年,GPUを数値演算に用いるGPGPUの環境が整い,GPGPUを用いた暗号実装の研究が盛んに行われている.本稿では,ペアリング暗号のための拡大体上で乗算が効率よく行える循環ベクトル乗算アルゴリズムについて,素体の標数を256bitとしてGPUにより実装を行った.その中で,乗算剰余算を効率よく行うために,モンゴメリ乗算を適用した.NVIDIA GeForce GTX680への実装では,CPU(Core i7 3970X)に対して10倍以上遅いという結果になった.

CiNii Article

CiNii Books

researchmap

記述言語：英語   出版者・発行元：一般社団法人電子情報通信学会  

本稿は,改良した4倍算公式を用いた楕円スカラー倍算の実装およびその実験結果を示す。楕円曲線上の点の4倍算は二回の二倍算より効率がよいことが知られている。そのために,複数の基数を用いてスカラーを展開し,その上で,楕円スカラー倍算における点加算の回数をバイナリ法よりも少なく実現することができる。これに加え本稿の提案は,点の加算に座標変換を行い,加算公式の計算コストを有限体上の乗算1回分削減する方法を示す。そして,具体的に256ビット楕円曲線暗号としての実装評価を行う。

CiNii Article

CiNii Books

researchmap

記述言語：日本語  

近年，GPU を数値演算に用いる GPGPU の環境が整い，GPGPU を用いた暗号実装の研究が盛んに行われている．本稿では，ペアリング暗号のための拡大体上で乗算が効率よく行える循環ベクトル乗算アルゴリズムについて，素体の標数を 256bit として GPU により実装を行った．その中で，乗算剰余算を効率よく行うために，モンゴメリ乗算を適用した．NVIDIA GeForce GTX680 への実装では，CPU （Core i7 3970X） に対して 10 倍以上遅いという結果になった．Recently, studies on implementation of cryptographical algorithms on GPUs are widely conducted as GPGPU development environment provides easy access to GPUs for non-graphics programming. In this paper, we implement cyclic vector multiplication algorithm, or an efficient multiplication algorithm on extension fields, that will accelerate pairing cryptography. Since we adopt 256-bit characteristic for the base fields, we also implement Montgomery multiplication for 256-bit operands on GPU. As the result of implementation on NVIDIA GeForce GTX680, it is over 10 times slower than implementation on Core i7 3970X.

CiNii Article

CiNii Books

researchmap

記述言語：英語  

DOI： 10.1007/978-3-319-04873-4_11

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/pairing/pairing2013.html#MoriANS13

J-GLOBAL

researchmap

記述言語：英語   出版者・発行元：一般社団法人電子情報通信学会  

pを奇標数,素体F_p上のm次原始多項式をf(x),その零点をωとして,Tr(w^i),i=0,1,2,…は周期p^m-1の多値M系列を構成する.これに対して本稿では,Legendreシンボルを用いて二値化することを考える.そしてこの二値系列が,周期L=2(p^m-1)/(p-1)をもつことを示し,またその自己相関の周期的な特性について考察する.幾らかの小さな具体例と今後の研究方針についても述べる.

CiNii Article

CiNii Books

researchmap

記述言語：英語  

DOI： 10.1109/NBiS.2013.86

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/nbis/nbis2013.html#KonoSN13

記述言語：英語  

DOI： 10.1109/IWSDA.2013.6849054

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/iwsda/iwsda2013.html#NogamiTU13

J-GLOBAL

researchmap

記述言語：日本語  

CiNii Article

researchmap

記述言語：英語   出版者・発行元：IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC  

Several methods for finding a basis conversion matrix between two different bases in an extension field F-p(m) have been proposed. Among them, the one based on Gauss period normal basis (GNB) is on average the most efficient. However, since it needs to construct a certain tower field F-(pm)n, some inefficient cases in which the towering degree n becomes large have been reported. This paper first determines that such inefficient cases are caused by the GNB condition. In order to overcome this inefficiency, we propose a method that does not use any GNB in the target extension field F-p(m), but instead uses a certain polynomial basis in F-p(m) derived by a certain small cyclic group in F-(pm)n. This causes relaxation of the condition for the towering degree n. In addition, our experimental results show that the proposed method substantially accelerates the computation time for finding a basis conversion matrix.

DOI： 10.1109/TIT.2012.2191477

Web of Science

Scopus

researchmap

担当区分：筆頭著者   記述言語：英語  

DOI： 10.1109/TIT.2012.2191477

Web of Science

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

本稿では、奇標数pの素体F_p上の2^i次原始多項式を構成するための一手法を示す。具体的には、j<iとして適当なF^*_<p^<2^j>>の元αを用いて、自己α相反変換と呼ぶ変数変換x&map;x+αx^<-1>により、2^i次の既約多項式を生成し、これに対してその原始性を判定する。これが原始多項式でない場合には、これを効率よく原始化するための一つのアプローチを示し、いくつかの具体例を示す。

CiNii Article

CiNii Books

researchmap

記述言語：日本語  

CiNii Article

researchmap

記述言語：日本語  

CiNii Article

researchmap

記述言語：日本語  

CiNii Article

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

著者らは標数と拡大次数に対して柔軟に対応できるような拡大体上乗算アルゴリズムとして,循環ベクトル乗算アルゴリズム(CVMA)を提案している.CVMAをハードウェア実装するために,SITA2010にて根角らは2重ループを1重ループ構造に改良したが,その実装には多くのメモリを使用するという問題点が生じている.そこで本稿では,その改良されたCVMAをより省メモリで実装する方法を提案する.

CiNii Article

CiNii Books

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

著者らは標数と拡大次数に対して柔軟に対応できるような拡大体上乗算アルゴリズムとして,循環ベクトル乗算アルゴリズム(CVMA)を提案している.CVMAをハードウェア実装するために,SITA2010にて根角らは2重ループを1重ループ構造に改良したが,その実装には多くのメモリを使用するという問題点が生じている.そこで本稿では,その改良されたCVMAをより省メモリで実装する方法を提案する.

CiNii Article

CiNii Books

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

著者らは標数と拡大次数に対して柔軟に対応できるような拡大体上乗算アルゴリズムとして,循環ベクトル乗算アルゴリズム(CVMA)を提案している.CVMAをハードウェア実装するために,SITA2010にて根角らは2重ループを1重ループ構造に改良したが,その実装には多くのメモリを使用するという問題点が生じている.そこで本稿では,その改良されたCVMAをより省メモリで実装する方法を提案する.

CiNii Article

CiNii Books

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

著者らは標数と拡大次数に対して柔軟に対応できるような拡大体上乗算アルゴリズムとして,循環ベクトル乗算アルゴリズム(CVMA)を提案している.CVMAをハードウェア実装するために,SITA2010にて根角らは2重ループを1重ループ構造に改良したが,その実装には多くのメモリを使用するという問題点が生じている.そこで本稿では,その改良されたCVMAをより省メモリで実装する方法を提案する.

CiNii Article

CiNii Books

researchmap

記述言語：日本語  

CiNii Article

researchmap

記述言語：日本語  

著者らは標数と拡大次数に対して柔軟に対応できるような拡大体上乗算アルゴリズムとして，循環ベクトル乗算アルゴリズム (CVMA) を提案している．CVMA をハードウェア実装するために，SITA2010 にて根角らは 2 重ループを 1 重ループ構造に改良したが，その実装には多くのメモリを使用するという問題点が生じている．そこで本稿では，その改良された CVMA をより省メモリで実装する方法を提案する．The authors have proposed a cyclic vector multiplication algorithm abbreviated as CVMA that is flexible to the parameters of extension field, that is extension degree and charasteristic. For the hardware implementation of CVMA, the authors have improved the double loop structure of CVMA to a single loop one, and it has been presented at SITA2010. However, it has a problem that it needs a lot of memory. Thus, this paper proposes a method to save the memory use of the single loop version of CVMA.

CiNii Article

CiNii Books

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

著者らは,拡大体上の汎用的な乗算アルゴリズムとして,循環ベクトル乗算アルゴリズム(Cyclic vector multiplication algorithm:CVMA)を提案してきた.最近,GrangerらがMinimal Redundancy Cyclotomic Primes(MRCPs)を考案し,これを法とする整数乗剰余算にCVMAが活用できることを示した.本稿では,MRCPsの条件を詳細化するとともに,それに基づいてCVMAを利用したMRCP乗算アルゴリズムについても詳細化する.

CiNii Article

CiNii Books

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

EMV署名はクレジットカードなどで利用されている署名方式であり,ISO/IEC 9796-2署名に準拠した方式を利用している.他方で,Coron-Naccache-Tibouchi-WeinmannはCRYPTO 2009にISO/IEC 9796-2 Scheme 1の偽造攻撃法を提案した.彼等はEMV署名におけるメッセージ部に格納される情報のうち,攻撃者が変更可能な情報と固定される情報を仮定し,特定の条件下でのEMV署名に対する攻撃計算量を見積もることで,EMV署名に対する偽造可能性について評価した.その結果,現実的な計算時間で偽造攻撃が実行される危険性は少ないと結論付けた.しかし,メッセージ部分に格納されるどの情報が固定されるかは不明確であり,攻撃者にとって有利な状況で偽造攻撃を適用できる可能性も考えられる.そこで,本稿では全ての条件下でのEMV署名に対する偽造可能性について詳細に評価を行い,条件によっては現実的な計算時間で偽造攻撃を実行できる場合があることを示す.

CiNii Article

CiNii Books

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

EMV署名はクレジットカードなどで利用されている署名方式であり,ISO/IEC 9796-2署名に準拠した方式を利用している.他方で,Coron-Naccache-Tibouchi-WeinmannはCRYPTO 2009にISO/IEC 9796-2 Scheme 1の偽造攻撃法を提案した.彼等はEMV署名におけるメッセージ部に格納される情報のうち,攻撃者が変更可能な情報と固定される情報を仮定し,特定の条件下でのEMV署名に対する攻撃計算量を見積もることで,EMV署名に対する偽造可能性について評価した.その結果,現実的な計算時間で偽造攻撃が実行される危険性は少ないと結論付けた.しかし,メッセージ部分に格納されるどの情報が固定されるかは不明確であり,攻撃者にとって有利な状況で偽造攻撃を適用できる可能性も考えられる.そこで,本稿では全ての条件下でのEMV署名に対する偽造可能性について詳細に評価を行い,条件によっては現実的な計算時間で偽造攻撃を実行できる場合があることを示す.

CiNii Article

CiNii Books

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

ペアリングベース暗号といった暗号応用技術では,標数と拡大次数に対して柔軟に対応できる拡大体の構成法が必要とされる場合がある.加藤らはこのような拡大体の構成法としてガウス周期正規基底に注目し,その基底で構成された拡大体における効率の良い乗算アルゴリズムとして,循環ベクトル乗算アルゴリズムを提案している.本稿では,このガウス周期正規基底の存在確率を理論的に考えることで,循環ベクトル乗算アルゴリズムの効率をより明確にし,再評価する.

CiNii Article

CiNii Books

researchmap

記述言語：英語   出版者・発行元：SPRINGER-VERLAG BERLIN  

A lot of improvements and optimizations for the hardware implementation of Sub Bytes of Rijndael, in detail inversion in F(28) have been reported. Instead of the Rijndael original F(28) it is known that its isomorphic tower field F(((22)2)2) has a more efficient inversion. For the towerings, several kinds of bases such as polynomial and normal bases can be used in mixture. Different from the meaning of this mixture of bases, this paper proposes another mixture that contributes to the reduction of the critical path delay of SubBytes. To the F((22)2)-inversion architecture, for example, the proposed mixture inputs and outputs elements represented with normal and polynomial bases, respectively.

DOI： 10.1007/978-3-642-15031-9_16

Web of Science

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/ches/ches2010.html#NogamiNTHM10

researchmap

担当区分：筆頭著者   記述言語：英語  

DOI： 10.1007/978-3-642-15031-9_16

Web of Science

Scopus

researchmap

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

楕円曲線上のペアリングを用いる暗号方式の中で,RSA暗号のような大きな素因数を含む合成数を位数とする非超特異ペアリングフレンドリ曲線を用いるものが提案されている.このような特殊な曲線の生成には多くの計算時間がかかる場合も少なくないため,その簡便な生成法についての研究がなされている.一方で,実際にそのようなペアリングフレンドリ曲線を用いてペアリング暗号を構成した場合には,ペアリング計算のみならず,楕円スカラー倍算や拡大体におけるべき乗算なども効率よく行える必要がある.本稿では,そのような合成数位数をもつ,ある埋め込み次数1の非超特異ペアリングフレンドリ曲線に対して,GLV法およびマルチスカラー倍算を適用することで,そのスカラー倍算を効率よく行う実装法を示し,合わせてその実装評価をする.

CiNii Article

CiNii Books

researchmap

記述言語：英語   出版者・発行元：一般社団法人電子情報通信学会  

現在,2つの異なる拡大体F_<p^m>における基底間の基底変換行列を生成する様々な手法が提案されている.それらの中でもガウス周期正規基底を用いた手法が平均計算量の観点から最も効率的である.しかし,基底変換行列を求める際に必要となる逐次拡大体F_<(p^m)^n>を準備する際に,場合によっては逐次拡大次数が大きくなってしまい,計算量が多くなってしまうことが報告されている.これはガウス周期正規基底の構成条件から起因している.この逐次拡大次数の増加を抑えるために,本稿ではガウス周期正規基底を用いるのではなく,多項式基底およびF_<p^m>上の小さな巡回群を用いた基底変換行列の生成法を提案する.これにより,逐次拡大次数の増加を抑えることが可能となった.計算機シミュレーションの結果,提案法は従来のガウス周期正規基底を用いた手法に比べ,基底変換行列を求める際に必要となる平均計算時間を大きく削減することが可能となった.

CiNii Article

CiNii Books

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

近年,グループ署名やID-based暗号といった楕円曲線上の双線形写像(ペアリング)に基づく暗号方式が注目されている.一方,二つの大きな素数の積で与えられる合成数を法として定義されたRSA暗号方式においては,これをベースとした様々なアプリケーションが提案されてきた.RSA暗号ベースの技術とペアリングを組み合わせ,かつ十分な安全性を確保するためには,ペアリングに用いる群の位数が500ビット程度の二つの大きな素数をもつ合成数で与えられるようなペアリングフレンドリ曲線の生成が必要である.効率の観点から,著者らはとくに埋め込み次数が1であり,かつ2つの大きな素因数を位数に含む,幾つかの非超特異ペアリングフレンドリ曲線に注目した.本稿ではそのような曲線の生成,そのような曲線を用いたTateペアリングを実装し,その実験の結果を報告する.

CiNii Article

CiNii Books

researchmap

記述言語：英語   出版者・発行元：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

It is said that the lower bound of the number of iterations of Miller's algorithm for pairing calculation is log(2) r/phi(k), where phi(.) is the Euler's function, r is the group order, and k is the embedding degree. Ate pairing reduced the number of the loops of Miller's algorithm of Tate pairing from left perpendicularlog(2) right perpendicular to left perpendicularlog(2)(t-1)right perpendicular, where t is the Frobenius trace. Recently, it is known to systematically prepare a pairing-friendly elliptic curve whose parameters are given by a polynomial of integer variable "chi." For such a curve, this paper gives integer variable chi-based Ate (Xate) pairing that achieves the lower bound. In the case of the well-known Barreto-Naehrig pairing-friendly curve. it reduces the number of loops to left perpendicularlog(2)chi right perpendicular. Then, this paper optimizes Xate pairing for Barreto-Naehrig curve and shows its efficiency based on some simulation results.

DOI： 10.1587/transfun.E92.A.1859

Web of Science

Scopus

researchmap

担当区分：筆頭著者   記述言語：英語  

DOI： 10.1587/transfun.E92.A.1859

Web of Science

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ieicet/ieicet92a.html#NogamiSKAM09

記述言語：英語  

DOI： 10.1587/transfun.E92.A.1500

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ieicet/ieicet92a.html#NogamiNM09

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

近年,グループ署名やID-based暗号といった楕円曲線上の双線形写像(ペアリング)に基づく暗号方式が注目されている.一方,2つの大きな素数の積で与えられる合成数を法として定義されたRSA方式においては,これをベースとした様々なアプリケーションが提案されてきた.RSAベースの技術をペアリングと組み合わせるために,これに必要となる合成数位数をもつペアリングフレンドリ曲線(非超特異)の生成を本稿では目的とする.ここでは位数が整数変数χを用いた2次の多項式r(χ)で与えられる場合を考え,適当な整数変数χを与えることにより,2つの大きな素因数を含むr(χ)を求める方法を考える.本稿では,とくに埋め込み次数が3であり,判別式が3で曲線がy^2=x^3+a a∈F_p の形で与えられる非超特異なペアリングフレンドリ曲線を対象とする.

CiNii Article

CiNii Books

researchmap

記述言語：英語   出版者・発行元：一般社団法人電子情報通信学会  

効率的に検証者ローカル失効確認ができるグループ署名方式が提案されている.この方式では,ペアリングの積の計算にマルチペアリング技術を利用することにより,効率的な失効確認を行なっている.しかしこの方式は,実装に基づいた評価がなされていないという問題がある.本稿では,本方式の実装とその実験結果を示す.

CiNii Article

CiNii Books

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

楕円曲線暗号に代表されるように,公開鍵暗号の実装に拡大体での乗算を必要とすることがある.拡大体での乗算は複雑な処理と計算時間を必要とするため,その高速実装のためには乗算アルゴリズムが必要である.これまでに著者らは標数および拡大次数に対して制限のない乗算アルゴリズムとしてCyclic Vector MultiplicationAlgorithm(CVMA)を提案してきた.従来のCVMAでは拡大体の構成に必要なパラメータkの大きさに比例した計算コストが発生する.パラメータkの最小値は構成する拡大体の標数および拡大次数によって一意的に決まるため,kが大きな値をもつ拡大体での乗算を行う際にその計算時間の増加が問題視されていた.本稿では拡大体上乗算に必要な素体上演算に代えて処理時間の短いビットシフト演算を用いるよう改良を加えたことでCVMAのコスト削減を図った.

CiNii Article

CiNii Books

researchmap

記述言語：英語   出版者・発行元：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

This paper presents implementation techniques of fast Ate pairing of embedding degree 12. In this case, we have no trouble in finding a prime order pairing friendly curve E such as the Barreto-Naehrig curve y(2) = x(3) + a, a is an element of F-p. For the curve, an isomorphic substitution from G(2) is an element of E(F-p(12)) into G(2)'in subfield-twisted elliptic curve E'(F-p(2)) speeds up scalar multiplications over G(2) and wipes out denominator calculations in Miller's algorithm. This paper mainly provides about 30% improvement of the Miller's algorithm calculation using proper subfield arithmetic operations. Moreover, we also provide the efficient parameter settings of the BN curves. When p is a 254-bit prime, the embedding degree is 12, and the processor is Pentium4 (3.6 GHz), it is shown that the proposed algorithm computes Ate pairing in 13.3 milli-seconds including final exponentiation.

DOI： 10.1587/transfun.E92.A.508

Web of Science

Scopus

researchmap

記述言語：英語  

DOI： 10.1587/transfun.E92.A.508

Web of Science

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ieicet/ieicet92a.html#AkaneNM09

記述言語：英語  

DOI： 10.1587/transfun.E92.A.173

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ieicet/ieicet92a.html#KatouNYM09

担当区分：筆頭著者   記述言語：英語  

DOI： 10.1587/transfun.E92.A.182

Web of Science

researchmap

その他リンク： https://dblp.uni-trier.de/db/journals/ieicet/ieicet92a.html#NogamiSONAM09

記述言語：英語   出版者・発行元：IEICE-INST ELECTRONICS INFORMATION COMMUNICATIONS ENG  

For ID-based cryptography, not only pairing but also scalar multiplication must be efficiently computable. In this paper, we propose a scalar multiplication method on the circumstances that we work at Ate pairing with Barreto-Naehrig (BN) curve. Note that the parameters of BN curve are given by a certain integer, namely mother parameter. Adhering the authors' previous policy that we execute scalar multiplication on subfield-twisted curve (E) over tilde (F-p2) instead of doing on the original curve E(F-p12), we at first show sextic twisted subfield Frobenius mapping (ST-SFM) in E(Fp2). On BN curves, note (phi) over tilde is identified with the scalar multiplication by p. However a scalar is always smaller than the order r of BN curve for Ate pairing, so ST-SFM does not directly applicable to the above circumstances. We then exploit the expressions of the curve order r and the characteristic p by the mother parameter to derive some radices such that they are expressed as a polynomial of p. Thus, a scalar multiplication [s] can be written by the series of ST-SFMs (phi) over tilde. In combination with the binary method or multi-exponentiation technique, this paper shows that the proposed method runs about twice or more faster than plain binary method.

DOI： 10.1587/transfun.E92.A.182

Web of Science

Scopus

researchmap

記述言語：英語   出版者・発行元：IEEE  

This paper shows an improvement of Miller's algorithm so as to be efficient for thread programming by using divisor theorem. Then, this paper implements a thread program of the improved Miller's algorithm by which it is shown that the proposed technique is more efficient than ordinary Miller's algorithm.

DOI： 10.1109/ISCE.2009.5156956

Web of Science

researchmap

researchmap

researchmap

researchmap

記述言語：英語  

DOI： 10.1109/ISIT.2009.5205994

Web of Science

Scopus

researchmap

その他リンク： https://dblp.uni-trier.de/db/conf/isit/isit2009.html#SakemiMNK09

researchmap

researchmap

記述言語：英語  

DOI： 10.1093/ietfec/e91-a.12.3745

Web of Science

Scopus

researchmap

記述言語：英語  

DOI： 10.4218/etrij.08.0108.0178

Web of Science

Scopus

researchmap

記述言語：英語   出版者・発行元：ACADEMIC PRESS INC ELSEVIER SCIENCE  

This paper proposes a useful method for constructing a self-dual normal basis in an arbitrary extension field F-p(m) such that 4p does not divide m(p - 1) and m is odd. In detail, when the characteristic p and extension degree in satisfies the following conditions (1) and either (2a) or (2b); (1) 2km + 1 is a prime number, (2a) the order of p in F2km+ 1 is 2km, (2b) 2 dagger km and the order of p in F2km + 1 is km, we can consider a class of Gauss period normal bases. Using this Gauss period normal basis, this paper shows a method to construct a self-dual normal basis in the extension field F-p(m). (C) 2008 Elsevier Inc. All rights reserved.

DOI： 10.1016/j.ffa.2008.04.001

Web of Science

Scopus

researchmap

記述言語：英語  

DOI： 10.1016/j.ffa.2008.04.001

Web of Science

researchmap

記述言語：日本語   出版者・発行元：一般社団法人電子情報通信学会  

近年,グループ署名やID-based暗号といった楕円曲線上の双線形写像(ペアリング)に基づく暗号方式が注目されている.これらの暗号方式は暗号化・復号・署名などの処理の際に,ペアリング計算後の拡大上の乗法群G_Tにおける演算(べき乗算)を必要とする.暗号に用いられるべき乗算は指数部が大きく計算に時間を要するため,本稿ではBarreto-Naehrig (BN)曲線とよばれる,埋め込み次数κ=12をもつ非超特異なペアリングフレンドリ曲線を用いた場合に組織的に与えられる整数χで指数部を展開することでべき乗算を高速化する手法を提案する.加えて,本稿ではこれまでに提案されているBinary法やNAF法,Window法,Avanzi法といった拡大体上のべき乗算アルゴリズムと提案法を組み合わせた実装および検証を行う.とくにNAF法との組み合わせによってべき乗する際の指数部のハミング重みに大きく依存せず高速に計算できることを示す.

CiNii Article

CiNii Books

researchmap

記述言語：日本語   出版者・発行元：一般社団法人情報処理学会  

近年，グループ署名 [1] や ID-based 暗号 [3] といった楕円曲線上の双線形写像（ペアリング) [2] に基づく暗号方式が注目されている．これらの暗号方式は暗号化・復号・署名などの処理の際に，ペアリング計算後の拡大上の乗法群 Gt における演算（べき乗算）を必要とする．暗号に用いられるべき乗算は指数部が大きく計算に時間を要するため，本稿では Barreto-Naehrig (BN) 曲線 [9] とよばれる，埋坊込み次数 k=12 をもつ非超特異なペアリングフレンドリ曲線を用いた場合に組織的に与えられる整数 x で指数部を展開することでべき乗算を高速化する手法を提案する．加えて，本稿ではこれまでに提案されている Bynary 法や ＮＡＦ 法、 Window 法， Avanzi 法 [12] [15] といった拡大体上のべき乗算アルゴリズムと提案法を組み合わせた実装および検証を行う．とくに NAF 法との組み合わせによってべき乗する際の指数部のハミング重みに大きく依存せず高速に計算できることを示す．In recent years, pairing-baaed cryptographies [2] such as ID-base cryptography |3] and group signature [1] have been studied. These cryptographies require exponentiations in multiplicative group Gt- In this paper, the author proposes an efficient exponentiation method for the case of Barreto-Naehrig (BN) curve [9] . Additionally, the author shows implementation results of the proposed method with conventional techniques such as binary method, window method, NAF method and Avanzi method [12] [15]. Then, the author shows the proposed method carries out exponentiation fast.

CiNii Article

CiNii Books

researchmap

その他リンク： http://id.nii.ac.jp/1001/00044301/