IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Online ISSN : 1745-1337
Print ISSN : 0916-8508
Current issue
Showing 1-43 articles out of 43 articles from the selected issue
Special Section on Discrete Mathematics and Its Applications
2019 Volume E102.A Issue 9 Pages 986
Published: September 01, 2019
Released: September 01, 2019
JOURNALS FREE ACCESS
• Michitaka FURUYA, Maho YOKOTA
Type: PAPER
Subject area: Graph algorithms
2019 Volume E102.A Issue 9 Pages 987-993
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

For a family H of connected graphs and an integer k≥1, let Gk(H) denote the family of k-connected graphs which contain no element of H as an induced subgraph. Let H+ be the family of those connected graphs of order 5 which contain K1,3 as an induced subgraph. In this paper, for each integer k≥1, we characterize the families HH+ such that the symmetric difference of Gk(K1,3) and Gk(H) is finite.

• Akane SETO, Aleksandar SHURBEVSKI, Hiroshi NAGAMOCHI, Peter EADES
Type: PAPER
Subject area: Graph algorithms
2019 Volume E102.A Issue 9 Pages 994-1001
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

Recent research on graph drawing focuses on Right-Angle-Crossing (RAC) drawings of 1-plane graphs, where each edge is drawn as a straight line and two crossing edges only intersect at right angles. We give a transformation from a restricted case of the RAC drawing problem to a problem of finding a straight-line drawing of a maximal plane graph where some angles are required to be acute. For a restricted version of the latter problem, we show necessary and sufficient conditions for such a drawing to exist, and design an O(n2)-time algorithm that given an n-vertex plane graph produces a desired drawing of the graph or reports that none exists.

• Katsuhisa YAMANAKA, Yasuko MATSUI, Shin-ichi NAKANO
Type: PAPER
Subject area: Graph algorithms
2019 Volume E102.A Issue 9 Pages 1002-1006
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

In this paper, we consider the problem of enumerating spanning subgraphs with high edge-connectivity of an input graph. Such subgraphs ensure multiple routes between two vertices. We first present an algorithm that enumerates all the 2-edge-connected spanning subgraphs of a given plane graph with n vertices. The algorithm generates each 2-edge-connected spanning subgraph of the input graph in O(n) time. We next present an algorithm that enumerates all the k-edge-connected spanning subgraphs of a given general graph with m edges. The algorithm generates each k-edge-connected spanning subgraph of the input graph in O(mT) time, where T is the running time to check the k-edge-connectivity of a graph.

• Ryo ASHIDA, Sebastian KUHNERT, Osamu WATANABE
Type: PAPER
Subject area: Graph algorithms
2019 Volume E102.A Issue 9 Pages 1007-1016
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

Miller [9] proposed a linear-time algorithm for computing small separators for 2-connected planar graphs. We explain his algorithm and present a way to modify it to a space efficient version. Our algorithm can be regarded as a log-space reduction from the separator construction to the breadth first search tree construction.

• Hidefumi HIRAISHI, Sonoko MORIYAMA
Type: PAPER
Subject area: Graph algorithms
2019 Volume E102.A Issue 9 Pages 1017-1021
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

While the graph minor theorem by Robertson and Seymour assures that any minor-closed class of graphs can be characterized by a finite list of excluded minors, such a succinct characterization by excluded minors is not always possible in matroids which are combinatorial abstraction from graphs. The class of matroids representable over a given infinite field is known to have an infinite number of excluded minors. In this paper, we show that, for any algebraic element x over the rational field ℚ the degree of whose minimal polynomial is 2, there exist infinitely many ℚ[x]-representable excluded minors of rank 3 for ℚ-representability. This implies that the knowledge that a given matroid is F-representable where F is a larger field than ℚ does not decrease the difficulty of excluded minors' characterization of ℚ-representability.

• Farley Soares OLIVEIRA, Hidefumi HIRAISHI, Hiroshi IMAI
Type: PAPER
Subject area: Graph algorithms
2019 Volume E102.A Issue 9 Pages 1022-1027
Published: September 01, 2019
Released: September 01, 2019
JOURNALS FREE ACCESS

Revisiting the Sekine-Imai-Tani top-down algorithm to compute the BDD of all spanning trees and the Tutte polynomial of a given graph, we explicitly analyze the Fixed-Parameter Tractable (FPT) time complexity with respect to its (proper) pathwidth, pw (ppw), and obtain a bound of O*(Bellmin{pw}+1,ppw}), where Belln denotes the n-th Bell number, defined as the number of partitions of a set of n elements. We further investigate the case of complete graphs in terms of Bell numbers and related combinatorics, obtaining a time complexity bound of Belln-O(n/log n).

• Yacheng WANG, Yasuhiko IKEMATSU, Dung Hoang DUONG, Tsuyoshi TAKAGI
Type: PAPER
Subject area: Cryptography and Information Security
2019 Volume E102.A Issue 9 Pages 1028-1036
Published: September 01, 2019
Released: September 01, 2019
JOURNALS FREE ACCESS

At PQCrypto 2016, Szepieniec et al. proposed a new type of trapdoor called Extension Field Cancellation (EFC) for constructing secure multivariate encryption cryptosystems. They also specifically suggested two schemes EFCp- and EFCpt2- that apply this trapdoor and some modifiers. Although both of them seem to avoid all attacks used for cryptanalysis on multivariate cryptography, their decryption efficiency has room for improvement. On the other hand, their security was analyzed mainly through an algebraic attack of computing the Gröbner basis of the public key, and there possibly exists more effective attacks. In this paper, we introduce a more efficient decryption approach for EFCp- and EFCpt2-, which manages to avoid all redundant computation involved in the original decryption algorithms without altering their public key. In addition, we estimate the secure parameters for EFCp- and EFCpt2- through a hybrid attack of algebraic attack and exhaustive search.

• Kouya TOCHIKUBO
Type: PAPER
Subject area: Cryptography and Information Security
2019 Volume E102.A Issue 9 Pages 1037-1047
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

We propose two secret sharing schemes realizing general access structures, which are based on unauthorized subsets. In the proposed schemes, shares are generated by Tassa's (k,n)-hierarchical threshold scheme instead of Shamir's (k,n)-threshold scheme. Consequently, the proposed schemes can reduce the number of shares distributed to each participant.

• Nuttapong ATTRAPADUNG, Goichiro HANAOKA, Shinsaku KIYOMOTO, Tomoaki MI ...
Type: PAPER
Subject area: Cryptography and Information Security
2019 Volume E102.A Issue 9 Pages 1048-1060
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

Secure two-party comparison plays a crucial role in many privacy-preserving applications, such as privacy-preserving data mining and machine learning. In particular, the available comparison protocols with the appropriate input/output configuration have a significant impact on the performance of these applications. In this paper, we firstly describe a taxonomy of secure two-party comparison protocols which allows us to describe the different configurations used for these protocols in a systematic manner. This taxonomy leads to a total of 216 types of comparison protocols. We then describe conversions among these types. While these conversions are based on known techniques and have explicitly or implicitly been considered previously, we show that a combination of these conversion techniques can be used to convert a perhaps less-known two-party comparison protocol by Nergiz et al. (IEEE SocialCom 2010) into a very efficient protocol in a configuration where the two parties hold shares of the values being compared, and obtain a share of the comparison result. This setting is often used in multi-party computation protocols, and hence in many privacy-preserving applications as well. We furthermore implement the protocol and measure its performance. Our measurement suggests that the protocol outperforms the previously proposed protocols for this input/output configuration, when off-line pre-computation is not permitted.

• Chen-Mou CHENG, Kenta KODERA, Atsuko MIYAJI
Type: PAPER
Subject area: Cryptography and Information Security
2019 Volume E102.A Issue 9 Pages 1061-1071
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

The security of elliptic curve cryptography is closely related to the computational complexity of the elliptic curve discrete logarithm problem (ECDLP). Today, the best practical attacks against ECDLP are exponential-time generic discrete logarithm algorithms such as Pollard's rho method. A recent line of inquiry in index calculus for ECDLP started by Semaev, Gaudry, and Diem has shown that, under certain heuristic assumptions, such algorithms could lead to subexponential attacks to ECDLP. In this study, we investigate the computational complexity of ECDLP for elliptic curves in various forms — including Hessian, Montgomery, (twisted) Edwards, and Weierstrass representations — using index calculus. Using index calculus, we aim to determine whether there is any significant difference in the computational complexity of ECDLP for elliptic curves in various forms. We provide empirical evidence and insight showing an affirmative answer in this paper.

• Daiki MIYAHARA, Tatsuya SASAKI, Takaaki MIZUKI, Hideaki SONE
Type: PAPER
Subject area: Cryptography and Information Security
2019 Volume E102.A Issue 9 Pages 1072-1078
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

Kakuro is a popular logic puzzle, in which a player fills in all empty squares with digits from 1 to 9 so that the sum of digits in each (horizontal or vertical) line is equal to a given number, called a clue, and digits in each line are all different. In 2016, Bultel, Dreier, Dumas, and Lafourcade proposed a physical zero-knowledge proof protocol for Kakuro using a deck of cards; their proposed protocol enables a prover to convince a verifier that the prover knows the solution of a Kakuro puzzle without revealing any information about the solution. One possible drawback of their protocol would be that the protocol is not perfectly extractable, implying that a prover who does not know the solution can convince a verifier with a small probability; therefore, one has to repeat the protocol to make such an error become negligible. In this paper, to overcome this, we design zero-knowledge proof protocols for Kakuro having perfect extractability property. Our improvement relies on the ideas behind the copy protocols in the field of card-based cryptography. By executing our protocols with a real deck of physical playing cards, humans can practically perform an efficient zero-knowledge proof of knowledge for Kakuro.

• Kazuma OHARA, Yohei WATANABE, Mitsugu IWAMOTO, Kazuo OHTA
Type: PAPER
Subject area: Cryptography and Information Security
2019 Volume E102.A Issue 9 Pages 1079-1090
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

In recent years, multi-party computation (MPC) frameworks based on replicated secret sharing schemes (RSSS) have attracted the attention as a method to achieve high efficiency among known MPCs. However, the RSSS-based MPCs are still inefficient for several heavy computations like algebraic operations, as they require a large amount and number of communication proportional to the number of multiplications in the operations (which is not the case with other secret sharing-based MPCs). In this paper, we propose RSSS-based three-party computation protocols for modular exponentiation, which is one of the most popular algebraic operations, on the case where the base is public and the exponent is private. Our proposed schemes are simple and efficient in both of the asymptotic and practical sense. On the asymptotic efficiency, the proposed schemes require O(n)-bit communication and O(1) rounds,where n is the secret-value size, in the best setting, whereas the previous scheme requires O(n2)-bit communication and O(n) rounds. On the practical efficiency, we show the performance of our protocol by experiments on the scenario for distributed signatures, which is useful for secure key management on the distributed environment (e.g., distributed ledgers). As one of the cases, our implementation performs a modular exponentiation on a 3,072-bit discrete-log group and 256-bit exponent with roughly 300ms, which is an acceptable parameter for 128-bit security, even in the WAN setting.

• Kotaro MATSUDA, Atsushi TAKAYASU, Tsuyoshi TAKAGI
Type: PAPER
Subject area: Cryptography and Information Security
2019 Volume E102.A Issue 9 Pages 1091-1100
Published: September 01, 2019
Released: September 01, 2019
JOURNALS FREE ACCESS

The Shortest Vector Problem (SVP) is one of the most important lattice problems in computer science and cryptography. The LLL lattice basis reduction algorithm runs in polynomial time and can compute an LLL-reduced basis that provably contains an approximate solution to the SVP. On the other hand, the LLL algorithm in practice tends to solve low-dimensional exact SVPs with high probability, i.e., >99.9%. Filling this theoretical-practical gap would lead to an understanding of the computational hardness of the SVP. In this paper, we try to fill the gap in 3,4 and 5 dimensions and obtain two results. First, we prove that given a 3,4 or 5-dimensional LLL-reduced basis, the shortest vector is one of the basis vectors or it is a limited integer linear combination of the basis vectors. In particular, we construct explicit representations of the shortest vector by using the LLL-reduced basis. Our analysis yields a necessary and sufficient condition for checking whether the output of the LLL algorithm contains the shortest vector or not. Second, we estimate the failure probability that a 3-dimensional random LLL-reduced basis does not contain the shortest vector. The upper bound seems rather tight by comparison with a Monte Carlo simulation.

• Kazuma OHARA, Keita EMURA, Goichiro HANAOKA, Ai ISHIDA, Kazuo OHTA, Yu ...
Type: PAPER
Subject area: Cryptography and Information Security
2019 Volume E102.A Issue 9 Pages 1101-1117
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

At EUROCRYPT 2012, Libert, Peters and Yung (LPY) proposed the first scalable revocable group signature (R-GS) scheme in the standard model which achieves constant signing/verification costs and other costs regarding signers are at most logarithmic in N, where N is the maximum number of group members. However, although the LPY R-GS scheme is asymptotically quite efficient, this scheme is not sufficiently efficient in practice. For example, the signature size of the LPY scheme is roughly 10 times larger than that of an RSA signature (for 160-bit security). In this paper, we propose a compact R-GS scheme secure in the random oracle model that is efficient not only in the asymptotic sense but also in practical parameter settings. We achieve the same efficiency as the LPY scheme in an asymptotic sense, and the signature size is nearly equal to that of an RSA signature (for 160-bit security). It is particularly worth noting that our R-GS scheme has the smallest signature size compared to those of previous R-GS schemes which enable constant signing/verification costs. Our technique, which we call parallel Boneh-Boyen-Shacham group signature technique, helps to construct an R-GS scheme without following the technique used in LPY, i.e., we directly apply the Naor-Naor-Lotspiech framework without using any identity-based encryption.

• Chuzo IWAMOTO, Masato HARUISHI, Tatsuaki IBUSUKI
Type: PAPER
Subject area: Puzzles
2019 Volume E102.A Issue 9 Pages 1118-1125
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

Herugolf and Makaro are Nikoli's pencil puzzles. We study the computational complexity of Herugolf and Makaro puzzles. It is shown that deciding whether a given instance of each puzzle has a solution is NP-complete.

• Hiro ITO, Atsuki NAGAO, Teagun PARK
Type: PAPER
Subject area: Puzzles
2019 Volume E102.A Issue 9 Pages 1126-1133
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

We present constant-time testing algorithms for generalized shogi (Japanese chess), chess, and xiangqi (Chinese chess). These problems are known or believed to be EXPTIME-complete. A testing algorithm (or a tester) for a property accepts an input if it has the property, and rejects it with high probability if it is far from having the property (e.g., at least 2/3) by reading only a constant part of the input. A property is said to be testable if a tester exists. Given any position on a ⌊√n⌋×⌊√n⌋ board with O(n) pieces, the generalized shogi, chess, and xiangqi problem are problems determining the property that “the player who moves first has a winning strategy.” We propose that this property is testable for shogi, chess, and xiangqi. The shogi tester and xiangqi tester have a one-sided-error, but surprisingly, the chess tester has no-error. Over the last decade, many problems have been revealed to be testable, but most of such problems belong to NP. This is the first result on the constant-time testability of EXPTIME-complete problems.

• Takumu SHIRAYAMA, Takuto SHIGEMURA, Yota OTACHI, Shuichi MIYAZAKI, Ryu ...
Type: PAPER
Subject area: Puzzles
2019 Volume E102.A Issue 9 Pages 1134-1141
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

In this paper, we investigate computational complexity of pipe puzzles. A pipe puzzle is a kind of tiling puzzle; the input is a set of cards, and a part of a pipe is drawn on each card. For a given set of cards, we arrange them and connect the pipes. We have to connect all pipes without creating any local loop. While ordinary tiling puzzles, like jigsaw puzzles, ask to arrange the tiles with local consistency, pipe puzzles ask to join all pipes. We first show that the pipe puzzle is NP-complete in general even if the goal shape is quite restricted. We also investigate restricted cases and show some polynomial-time algorithms.

• Yuichi ASAHIRO, Guohui LIN, Zhilong LIU, Eiji MIYANO
Type: PAPER
Subject area: Optimization
2019 Volume E102.A Issue 9 Pages 1142-1149
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

In this paper, we investigate the maximum induced matching problem (MaxIM) on C5-free d-regular graphs. The previously known best approximation ratio for MaxIM on C5-free d-regular graphs is $\left(\frac{3d}{4}-\frac{1}{8}+\frac{3}{16d-8}\right)$. In this paper, we design a $\left(\frac{2d}{3}+\frac{1}{3}\right)$-approximation algorithm, whose approximation ratio is strictly smaller/better than the previous one when d≥6.

• Toshiya ITOH, Yoshinori TAKEI
Type: PAPER
Subject area: Optimization
2019 Volume E102.A Issue 9 Pages 1150-1158
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

For the multi-objective time series search problem, Hasegawa and Itoh [Theoretical Computer Science, Vol.78, pp.58-66, 2018] presented the best possible online algorithm balanced price policy for any monotone function f:RkR. Specifically the competitive ratio with respect to the monotone function f(c1,...,ck)=(c1+…+ck)/k is referred to as the arithmetic mean component competitive ratio. Hasegawa and Itoh derived the explicit representation of the arithmetic mean component competitive ratio for k=2, but it has not been known for any integer k≥3. In this paper, we derive the explicit representations of the arithmetic mean component competitive ratio for k=3 and k=4, respectively. On the other hand, we show that it is computationally difficult to derive the explicit representation of the arithmetic mean component competitive ratio for arbitrary integer k in a way similar to the cases for k=2, 3, and 4.

• Yoichi SASAKI, Tetsuo SHIBUYA, Kimihito ITO, Hiroki ARIMURA
Type: PAPER
Subject area: Optimization
2019 Volume E102.A Issue 9 Pages 1159-1170
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

In this paper, we study the approximate point set matching (APSM) problem with minimum RMSD score under translation, rotation, and one-to-one correspondence in d-dimension. Since most of the previous works about APSM problems use similality scores that do not especially care about one-to-one correspondence between points, such as Hausdorff distance, we cannot easily apply previously proposed methods to our APSM problem. So, we focus on speed-up of exhaustive search algorithms that can find all approximate matches. First, we present an efficient branch-and-bound algorithm using a novel lower bound function of the minimum RMSD score for the enumeration version of APSM problem. Then, we modify this algorithm for the optimization version. Next, we present another algorithm that runs fast with high probability when a set of parameters are fixed. Experimental results on both synthetic datasets and real 3-D molecular datasets showed that our branch-and-bound algorithm achieved significant speed-up over the naive algorithm still keeping the advantage of generating all answers.

• Takashi HARADA, Yuki ISHIKAWA, Ken TANAKA, Kenji MIKAWA
Type: PAPER
Subject area: Classification
2019 Volume E102.A Issue 9 Pages 1171-1178
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

The packet classification problem to determine the behavior of incoming packets at the network devices. The processing latency of packet classification by linear search is proportional to the number of classification rules. To limit the latency caused by classification to a certain level, we should develop a classification algorithm that classifies packets in a time independent of the number of classification rules. Arbitrary (including noncontiguous) bitmask rules are efficiently expressive for controlling higher layer communication, achiving access control lists, Quality of Service and so on. In this paper, we propose a classification algorithm based on run-based trie [1] according to arbitrary bitmask rules. The space complexity of proposed algorithm is in linear in the size of a rule list. The time complexity except for construction of that can be regarded as constant which is independent the number of rules. Experimental results using a packet classification algorithm benchmark [2] show that our method classifies packets in constant time independent of the number of rules.

• Yuhei FUKUI, Aleksandar SHURBEVSKI, Hiroshi NAGAMOCHI
Type: PAPER
Subject area: Mechanical design
2019 Volume E102.A Issue 9 Pages 1179-1186
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

In the obnoxious facility game, we design mechanisms that output a location of an undesirable facility based on the locations of players reported by themselves. The benefit of a player is defined to be the distance between her location and the facility. A player may try to manipulate the output of the mechanism by strategically misreporting her location. We wish to design a λ-group strategy-proof mechanism i.e., for every group of players, at least one player in the group cannot gain strictly more than λ times her primary benefit by having the entire group change their reports simultaneously. In this paper, we design a k-candidate λ-group strategy-proof mechanism for the obnoxious facility game in the metric defined by k half lines with a common endpoint such that each candidate is a point in each of the half-lines at the same distance to the common endpoint as other candidates. Then, we show that the benefit ratio of the mechanism is at most 1+2/(k-1)λ. Finally, we prove that the bound is nearly tight.

• Ryota EGUCHI, Taisuke IZUMI
Type: PAPER
Subject area: Distributed algorithms
2019 Volume E102.A Issue 9 Pages 1187-1194
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

A passively mobile system is an abstract notion of mobile ad-hoc networks. It is a collection of agents with computing devices. Agents move in a region, but the algorithm cannot control their physical behavior (i.e., how they move). The population protocol model is one of the promising models in which the computation proceeds by the pairwise communication between two agents. The communicating agents update their states by a specified transition function (algorithm). In this paper, we consider a general form of the aggregation problem with a base station. The base station is a special agent having the computational power more powerful than others. In the aggregation problem, the base station has to sum up for inputs distributed to other agents. We propose an algorithm that solves the aggregation problem in sub-linear parallel time using a relatively small number of states per agent. More precisely, our algorithm solves the aggregation problem with input domain X in O(√n log2 n) parallel time and O(|X|2) states per agent (except for the base station) with high probability.

Special Section on Image Media Quality
• Toshiya NAKAGUCHI
2019 Volume E102.A Issue 9 Pages 1195
Published: September 01, 2019
Released: September 01, 2019
JOURNALS FREE ACCESS
• Shinya MOCHIDUKI, Ayaka NUNOMURA, Hiroaki KUDO, Mitsuho YAMADA
Type: PAPER
2019 Volume E102.A Issue 9 Pages 1196-1204
Published: September 01, 2019
Released: September 01, 2019
JOURNALS FREE ACCESS

We studied the detection of the incongruence between the two eyes' retinal images from occlusion perception. We previously analyzed the evasion action caused by occlusion by using green-red equiluminance, which is processed by parvocellular cells. Here we analyzed this action by using yellow-blue equiluminance, which is said to be treated by koniocellular cells and parvocellular cells. We observed that there were the cases in which the subject could perceive incongruence by the occlusion and other cases in which the subject could not perceive it. Significant differences were not seen in all conditions. Because a difference was seen in an evasion action at the time of the rim occlusion gaze when we compare the result for the yellow-blue equiluminance with the green-red equiluminance, it is suggested that the response for each equiluminance is different. We were able to clarify the characteristic difference between parvocellular cells and koniocellular cells from an occlusion experiment.

• Tsuyoshi KUSHIMA, Miyuki SUGANUMA, Shinya MOCHIDUKI, Mitsuho YAMADA
Type: PAPER
2019 Volume E102.A Issue 9 Pages 1205-1216
Published: September 01, 2019
Released: September 01, 2019
JOURNALS FREE ACCESS

Over the last 10 years, tablets have spread to the point where we can now read electronic books (e-books) like paper books. There is a long history of studies of eye movement during reading. Remarkable results have been reported for reading experiments in which displayed letters are changed in conjunction with eye movement during reading. However, these studies were conducted in the 1970s, and it is difficult to judge the detailed descriptions of the experimental techniques and whether the display time was correctly controlled when changing letters. Here, we propose an experimental system to control the display information exactly, as well as the display time, and inspect the results of past reading research, with the aim of being at the forefront of reading research in the e-book era.

• Yuki HAYAMI, Daiki TAKASU, Hisakazu AOYANAGI, Hiroaki TAKAMATSU, Yoshi ...
Type: PAPER
2019 Volume E102.A Issue 9 Pages 1217-1224
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

The human visual system exhibits a characteristic known as the Helmholtz-Kohlrausch (H-K) effect: even if the hue and the lightness retain the same values, the actual lightness (perceived lightness) changes with changes in the color saturation. Quantification of this effect is expected to be useful for the future development and evaluation of high-quality displays. We have been studying the H-K effect in natural images projected by LED projectors, which play important roles in practical uses. To verify the effectiveness of the determinations of the H-K effect for natural images, we have performed a subjective-evaluation experiment by method of adjustment for natural images and compared the experimental values with values calculated from extended form of Nayatani's equation to apply to natural images. In general, we found a high correlation between the two, although there was a low correlation for some images. Therefore, we obtained a correction function derived from the subjective evaluation experiment value of 108 color (hue: 12 × saturation: 3 × lightness: 3) patterns and have applied it to estimate the equation H-K effect.

• Tingxiao YANG, Yuichiro YOSHIMURA, Akira MORITA, Takao NAMIKI, Toshiya ...
Type: PAPER
2019 Volume E102.A Issue 9 Pages 1225-1234
Published: September 01, 2019
Released: September 01, 2019
JOURNALS FREE ACCESS

In this paper, we propose a Pyramid Predictive Attention Network (PPAN) for medical image segmentation. In the medical field, the size of dataset generally restricts the performance of deep CNN and deploying the trained network with gross parameters into the terminal device with limited memory is an expectation. Our team aims to the future home medical diagnosis and search for lightweight medical image segmentation network. Therefore, we designed PPAN mainly made of Xception blocks which are modified from DeepLab v3+ and consist of separable depthwise convolutions to speed up the computation and reduce the parameters. Meanwhile, by utilizing pyramid predictions from each dimension stage will guide the network more accessible to optimize the training process towards the final segmentation target without degrading the performance. IoU metric is used for the evaluation on the test dataset. We compared our designed network performance with the current state of the art segmentation networks on our RGB tongue dataset which was captured by the developed TIAS system for tongue diagnosis. Our designed network reduced 80 percentage parameters compared to the most widely used U-Net in medical image segmentation and achieved similar or better performance. Any terminal with limited storage which is needed a segment of RGB image can refer to our designed PPAN.

• Yuta SAKAGAWA, Kosuke NAKAJIMA, Gosuke OHASHI
Type: PAPER
2019 Volume E102.A Issue 9 Pages 1235-1245
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

We propose a method that detects vehicles from in-vehicle monocular camera images captured during nighttime driving. Detecting vehicles from their shape is difficult at night; however, many vehicle detection methods focusing on light have been proposed. We detect bright spots by appropriate binarization based on the characteristics of vehicle lights such as brightness and color. Also, as the detected bright spots include lights other than vehicles, we need to distinguish the vehicle lights from other bright spots. Therefore, the bright spots were distinguished using Random Forest, a multiclass classification machine-learning algorithm. The features of bright spots not associated with vehicles were effectively utilized in the vehicle detection in our proposed method. More precisely vehicle detection is performed by giving weights to the results of the Random Forest based on the features of vehicle bright spots and the features of bright spots not related to the vehicle. Our proposed method was applied to nighttime images and confirmed effectiveness.

• Naho ITO, Most Shelina AKTAR, Yuukou HORITA
Type: LETTER
2019 Volume E102.A Issue 9 Pages 1246-1249
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

In order to evaluate the vehicle detection method, it is necessary to know the correct vehicle position considered as “ground truth”. We propose indices considering subjective evaluation in vehicle detection utilizing IoU. Subjective evaluation experiments were carried out with respect to misregistration from ground truth in vehicle detection.

• Mami KITABATA, Yota NIIGAKI, Yuukou HORITA
Type: LETTER
2019 Volume E102.A Issue 9 Pages 1250-1253
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

In this paper, we consider the relationship between human preference and brain activity, especially pulse wave information using NIRS. First of all, we extracted the information of on pulse wave from the Hb changes signal of NIRS. By using the FFT to the Hb signals, we found out the 2-nd peak of power spectrum that is implying the frequency information of the pulse wave. The frequency deviation of 2-nd peak may have some information about the change of brain activity, it is associated with the human preference for viewing the significant image content.

• Takahide OTOMO, Shinya MOCHIDUKI, Eriko ISHII, Yuko HOSHINO, Mitsuho Y ...
Type: LETTER
2019 Volume E102.A Issue 9 Pages 1254-1258
Published: September 01, 2019
Released: September 01, 2019
JOURNALS FREE ACCESS

We can enjoy various video contents such as movies in several ways. In this report, we show the effects of content differences on physiological parameters such as eye movements and CFF. This time we confirmed the difference in responses that after watching a movie. In addition, a consistent change that can infer that due to a movie was also indicated. Our results showed that content differences affect the parameters. This suggests the possibility that the influence of movie contents on the viewer can be evaluated by physiological parameters.

Regular Section
• Yuki FUNABIKI, Yosuke TODO, Takanori ISOBE, Masakatu MORII
Type: PAPER
Subject area: Cryptography and Information Security
2019 Volume E102.A Issue 9 Pages 1259-1271
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

HIGHT is a 64-bit block lightweight cipher, which adopts the ARX-based generalized Feistel network, and it accepts a 128-bit key. It is a standard encryption algorithm in South Korea and also is internationally standardized by ISO/IEC 18033-3. Therefore, many third-party cryptanalyses have been proposed against HIGHT. Impossible differential and integral attacks are applied to reduced-round HIGHT, and especially, the impossible differential attack causes the 27-round attack, which is the current best attack under the single-key setting. In this paper, we propose some improved integral attacks against HIGHT. We first apply the division property to HIGHT and find new 19-round integral characteristics, which are improved by two rounds compared with the previous best ones. We append 9-round key recovery to these characteristics and it enables us to attack 28-round HIGHT. Its time complexity is 2127.02 where 263 chosen plaintexts and 2117 memory are required. Moreover, we can attack 29-round HIGHT if the full codebook is used, where its time and memory complexities are 2126.07 and 2118, respectively. It improves by two rounds compared with the previous best attack.

• Seong Gyeom KIM, Seung Joon LEE, Deukjo HONG, Jaechul SUNG, Seokhie HO ...
Type: PAPER
Subject area: Cryptography and Information Security
2019 Volume E102.A Issue 9 Pages 1272-1284
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

A noise source is an essential component of random bit generator, and is either an application or a device to provide entropy from analog noise. In 2008, Colesa et al. first proposed two software strategies for constructing noise source based on race conditions. However, Colesa et al.'s designs require a lot of threads and even suffer from a low bit rate. Moreover, setting a parameter for each system is complicated since the parameter is related to the entropy and the bit rate at the same time. In this paper, we propose new constructions of noise source based on race conditions. We call them NSRC-1 and NSRC-2. The bit rate of our designs is improved by up to 819 times higher on multi-core systems with high entropy. The parameter adjustment becomes straightforward by removing the relation between the parameter and the entropy. Additionally, since NSRC-1 and 2 require only two threads at once, they are more available software-based methods for harvesting entropy not only on general devices but also on mobile devices.

• Masayuki ABE, Fumitaka HOSHINO, Miyako OHKUBO
Type: PAPER
Subject area: Cryptography and Information Security
2019 Volume E102.A Issue 9 Pages 1285-1292
Published: September 01, 2019
Released: September 01, 2019
JOURNALS FREE ACCESS

We propose a simple framework for evaluating the performance of pairing-based cryptographic schemes for various types of curves and parameter settings. The framework, which we call ‘Opcount’, enables the selection of an appropriate curve and parameters by estimating the performance of a cryptographic scheme from a pseudo-code describing the cryptographic scheme and an implementation-information database that records the performance of basic operations in curves targeted for evaluation. We apply Opcount to evaluate and compare the computational efficiency of several structure-preserving signature schemes that involve tens of pairing products in their signature verification. In addition to showing the usefulness of Opcount, our experiments also reveal the overlooked importance of taking account of the properties of underlying curves when optimizing computations and demonstrate the impact of tight security reductions.

• Jong-Woo LEE, Ki-Sang HONG
Type: PAPER
Subject area: Vision
2019 Volume E102.A Issue 9 Pages 1293-1302
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

We propose a class-incremental learning framework for human activity recognition based on the Bag-of-Sequencelets model (BoS). The framework updates learned models efficiently without having to relearn them when training data of new classes are added. In this framework, all types of features including hand-crafted features and Convolutional Neural Networks (CNNs) based features and combinations of those features can be used as features for videos. Compared with the original BoS, the new framework can reduce the learning time greatly with little loss of classification accuracy.

• Biao WU, Xiaoan BAO, Na ZHANG, Hiromu MORITA, Mitsuru NAKATA, Qi-Wei G ...
Type: PAPER
Subject area: Mathematical Systems Science
2019 Volume E102.A Issue 9 Pages 1303-1311
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

Software testing is an important problem to design a large software system and it is difficult to be solved due to its computational complexity. We try to use program nets to approach this problem. As the first step towards solving software testing problem, this paper provides a technique to generate subnets of a program net and applies this technique to software testing. Firstly, definitions and properties of program nets are introduced based on our previous works, and the explanation of software testing problem is given. Secondly, polynomial algorithms are proposed to generate subnets that can cover all the given program net. Finally, a case study is presented to show how to find subnets covering a given program net by using the proposed algorithms, as well as to show the input test data of the program net for software testing.

• Di YAO, Xin ZHANG, Qiang YANG, Weibo DENG
Type: LETTER
Subject area: Digital Signal Processing
2019 Volume E102.A Issue 9 Pages 1312-1316
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

To solve the problem of nonhomogeneous clutter suppression for moving target detection in High Frequency Surface Wave Radar (HFSWR), a novel nonhomogeneous clutter detector (NHD) is present in this paper. This novel NHD makes an analysis for the clutter constituents with single snapshot based on the over-determined linear equations in space-time adaptive processing (STAP) and distinguish the nonhomogeneous secondary data from the whole secondary data set through calculating the correlation coefficients of the secondary data.

• Akira TANAKA, Hideyuki IMAI
Type: LETTER
Subject area: Numerical Analysis and Optimization
2019 Volume E102.A Issue 9 Pages 1317-1320
Published: September 01, 2019
Released: September 01, 2019
JOURNALS RESTRICTED ACCESS

A fast cross-validation algorithm for model selection in kernel ridge regression problems is proposed, which is aiming to further reduce the computational cost of the algorithm proposed by An et al. by eigenvalue decomposition of a Gram matrix.

• Deng TANG
Type: LETTER
Subject area: Cryptography and Information Security
2019 Volume E102.A Issue 9 Pages 1321-1325
Published: September 01, 2019
Released: September 01, 2019
JOURNALS FREE ACCESS

Boolean functions used in the filter model of stream ciphers should have balancedness, large nonlinearity, optimal algebraic immunity and high algebraic degree. Besides, one more criterion called strict avalanche criterion (SAC) can be also considered. During the last fifteen years, much work has been done to construct balanced Boolean functions with optimal algebraic immunity. However, none of them has the SAC property. In this paper, we first present a construction of balanced Boolean functions with SAC property by a slight modification of a known method for constructing Boolean functions with SAC property and consider the cryptographic properties of the constructed functions. Then we propose an infinite class of balanced functions with optimal algebraic immunity and SAC property in odd number of variables. This is the first time that such kind of functions have been constructed. The algebraic degree and nonlinearity of the functions in this class are also determined.

• Geonu KIM, Jungwoo LEE
Type: LETTER
Subject area: Coding Theory
2019 Volume E102.A Issue 9 Pages 1326-1329
Published: September 01, 2019
Released: September 01, 2019
JOURNALS FREE ACCESS

The Gabidulin-based locally repairable code (LRC) construction by Silberstein et al. is an important example of distance optimal (r,δ)-LRCs. Its distance optimality has been further shown to cover the case of multiple (r,δ)-locality, where the (r,δ)-locality constraints are different among different symbols. However, the optimality only holds under the ordered (r,δ) condition, where the parameters of the multiple (r,δ)-locality satisfy a specific ordering condition. In this letter, we show that Gabidulin-based LRCs are still distance optimal even without the ordered (r,δ) condition.