• Proceedings of the IEEK Conference
• /
• 2000.06c
• /
• pp.81-84
• /
• 2000

Scheduling algorithm proposed in this paper is based on both DWRR(Dynamic Weighed Round Robin) method and QLT(Queue Length Threshold) method. The proposed scheduling algorithm guarantees delay property of realtime traffic, not considered in previous DWRR method, with serving realtime traffic preferentially by using RR(Round Robin) method which service each channel equally and QLT algorithm that is dynamic time priority method. Proposed cell scheduling algorithm may increase some complexity over conventional DWRR scheme because of delay priority based cell transmission method. However, due to reliable ABR service and congesition avoidance capacity, proposed scheduling algorithm has good performance over conventional DWRR scheme. Also, delay property based cell transmission method in proposed algorithm minimizes cell delay and requires less temporary buffer size

• The Transactions of the Korean Institute of Electrical Engineers D
• /
• v.52 no.6
• /
• pp.365-371
• /
• 2003

Input queued switch is useful for high bandwidth switches and routers because of lower complexity and fewer circuits than output queued. The input queued switch, however, suffers the HOL-Blocking, which limits its throughput to 58%. To overcome HOL-Blocking problem, many input-queued switch controlled by a scheduling algorithm. Most scheduling algorithms are implemented based on a centralized scheduler which restrict the design of the switch architecture. In this paper, we propose a simple scheduler called Pipelined Round Robin (PRR) which is intrinsically distributed by each input port. We presents to show the effectiveness of the proposed scheduler.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.9
• /
• pp.4548-4559
• /
• 2018

Conditional differential attack against NFSR-based cryptosystems proposed by Knellwolf et al. in Asiacrypt 2010 has been widely used for analyzing round-reduced Grain v1. In this paper, we present improved conditional differential attacks on Grain v1 based on a factorization simplification method, which makes it possible to obtain the expressions of internal states in more rounds and analyze the expressions more precisely. Following a condition-imposing strategy that saves more IV bits, Sarkar's distinguishing attack on Grain v1 of 106 rounds is improved to a key recovery attack. Moreover, we show new distinguishing attack and key recovery attack on Grain v1 of 107 rounds with lower complexity O($2^{34}$) and appreciable theoretical success probability 93.7%. Most importantly, our attacks can practically recover key expressions with higher success probability than theoretical results.

• 제어로봇시스템학회:학술대회논문집
• /
• 1992.10a
• /
• pp.923-926
• /
• 1992

ARMA fast Transversal filter(FTF) algorithm solves the extended least squres estimation problems in a very efficient way. But unfortunately, it exhibits a very unstable behavior, due to the accumulation of round-off errors. So, in this paper, two effective method to stabilize ARMA FTF algorithm is proposed. They are based on the analysis of the propagation of the numerical errors according to a first order linear model. The proposed methods modify the numerical properties of the variables responsible for the numerical instability, while proeserving the theoretical form of the algorithm. The proposed algorithms still have the nice complexity properties of the original algorithm, but have a much more stable brhavior.

• Journal of the Institute of Electronics Engineers of Korea SD
• /
• v.45 no.8
• /
• pp.67-74
• /
• 2008

A compact and high-performance AES(Advanced Encryption Standard) encryption/decryption processor is designed by applying various hardware sharing and optimization techniques. In order to achieve minimized hardware complexity, sharing the S-Boxes for round transformation with the key scheduler, as well as merging and reusing datapaths for encryption and decryption are utilized, thus the area of S-Boxes is reduced by 25%. Also, the S-Boxes which require the largest hardware in AES processor is designed by applying composite field arithmetic on $GF(((2^2)^2)^2)$, thus it further reduces the area of S-Boxes when compared to the design based on $GF(2^8)$ or $GF((2^4)^2)$. By optimizing the operation of the 64-bit round transformation and round key scheduling, the round transformation is processed in 3 clock cycles and an encryption of 128-bit data block is performed in 31 clock cycles. The designed AES processor has about 15,870 gates, and the estimated throughput is 412.9 Mbps at 100 MHz clock frequency.

• Journal of KIISE:Computer Systems and Theory
• /
• v.33 no.1_2
• /
• pp.110-118
• /
• 2006

Cryptographic protocol design in a two-party setting has of tel ignored the possibility of simultaneous message transmission by each of the two parties (i.e., using a duplex channel). In particular, most protocols for two-party key exchange have been designed assuming that parties alternate sending their messages (i.e., assuming a bidirectional half-duplex channel). However, by taking advantage of the communication characteristics of the network it may be possible to design protocols with improved latency. This is the focus of the present work. We present three provably-secure protocols for two-party authenticated key exchange (AKE) which require only a single round. Our first, most efficient protocol provides key independence but not forward secrecy. Our second scheme additionally provides forward secrecy but requires some additional computation. Security of these two protocols is analyzed in the random oracle model. Our final protocol provides the same strong security guarantees as our second protocol, but is proven secure in the standard model. This scheme is only slightly less efficient (from a computational perspective) than the previous ones. Our work provides the first provably- secure one-round protocols for two-party AKE which achieve forward secrecy.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.113-119
• /
• 2004

Exponentiation is widely used in practical applications related with cryptography, and as the discrete log is easily solved in case of a low exponent n, a large exponent n is needed for a more secure system. However. since the time complexity for exponentiation algorithm increases in proportion to the n figure, the development of an exponentiation algorithm that can quickly process the results is becoming a crucial problem. In this paper, we propose a parallel exponentiation algorithm which can reduce the number of rounds with a fixed number of processors, where the field elements are in GF($2^m$), and also analyzed the round bound of the proposed algorithm. The proposed method uses window method which divides the exponent in a particular bit length and make idle processors in window value computation phase to multiply some terms of windows where the values are already computed. By this way. the proposed method has improved round bound.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.11C
• /
• pp.1098-1105
• /
• 2009

In this paper, we propose an asynchronous UWB (Ultra Wide Band) Positioning scheme that can provide precise positioning performance with low complexity and low power consumption. We also present the residual test to improve the positioning performance in multipath channels having heavy NLoS (Non-Line of Sight) components. As compared to conventional ToA (Time of Arrival) positioning scheme that requires round-trip transmissions as many as the number of beacons, the proposed UWB positioning scheme effectively decrease power consumption and processing delay since a single round-trip transmission is only required. Also, as compared to conventional TDoA (Time Difference of Arrival) positioning scheme requiring precise synchronization among the beacons, asynchronous nature of the proposed scheme achieves very low system complexity. Through simulations in LoS (Line of Sight) channel models, we observe that the proposed scheme requires low system complexity, low power consumption, while providing positioning performance of almost the same accuracy as the conventional ToA and TDoA positioning schemes. In addition, the proposed scheme by employing the residual test achieves accurate positioning performance even in multipath channels having heavy NLoS components.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.5
• /
• pp.765-777
• /
• 2022

The SABER algorithm, a PKE/KEM algorithm presented in NIST PQC Standardization Round 3, is an algorithm based on the Module-LWR problem among lattice-based problems and has a Meta-PKE structure. At this time, the secret information used in the encryption process is called a ephemeral key, and in this paper, the ephemeral key reuse attack using the Meta-PKE structure is described. For each parameter satisfying the security strengths required by NIST, we present a detailed analysis of the previous studies attacked using 4, 6, and 6 queries, and improve them, using only 3, 4, and 4 queries. In addition, we introduce how to reduce the computational complexity of recovering ephemeral keys with a single query from the brute-force complexity on the n-dimension lattice, 2^7.91×n, 2^10.51×n, 2^12.22×n to 2^4.91×n, 2^6.5×n, 2^6.22×n, for each parameter, and present the results and limitations.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.32 no.7B
• /
• pp.448-454
• /
• 2007

This paper proposes an estimation method of number of tags which may be necessary in improving anti-collision performance for ALOHA-based RFID systems. In ALOHA-based anti-collision algorithms, since the performance of the multi tag identification can be improved by allocating the optimal slot size corresponding to the number of tags, it is needed to exactly estimate the number of tags. The proposed method uses the a priori knowledge of the relation between the expectation of the number of empty slots and the number of tags. After measuring the number of empty slots in one ROUND, we estimate the number of tags which corresponds to the expectation of the number of empty slots nearest to the measured one. Simulation results show that the proposed method is superior to conventional methods in terms of the estimation accuracy and the computational complexity.