Study on the Effect of Mn,Zn, and Sb on Undercooling Behavior of Sn-Ag-Cu Alloys Using Differential Thermal Analysis

Differential thermal analysis (DTA) has been conducted on directionally solidified near-eutectic Sn-3.0 wt.%Ag-0.5 wt.%Cu (SAC), SAC \(+\) 0.2 wt.%Sb, SAC \(+\) 0.2 wt.%Mn, and SAC \(+\) 0.2 wt.%Zn. Laser ablation inductively coupled plasma mass spectroscopy was used to study element partitioning behavior and estimate DTA sample compositions. Mn and Zn additives reduced the undercooling of SAC from 20.4\(^\circ \hbox {C}\) to \(4.9^\circ \hbox {C}\) and \(2^\circ \hbox {C}\), respectively. Measurements were performed at cooling rate of \(10^\circ \hbox {C}\) per minute. After introducing 200 ppm \(\hbox {O}_2\) into the DTA, this undercooling reduction ceased for SAC \(+\) Mn but persisted for SAC \(+\) Zn.     

Key-Recovery Attacks on <Emphasis FontCategory="SansSerif">ASASA</Emphasis>

The \(\mathsf {ASASA}\) construction is a new design scheme introduced at Asiacrypt 2014 by Biryukov, Bouillaguet and Khovratovich. Its versatility was illustrated by building two public-key encryption schemes, a secret-key scheme, as well as super S-box subcomponents of a white-box scheme. However, one of the two public-key cryptosystems was recently broken at Crypto 2015 by Gilbert, Plût and Treger. As our main contribution, we propose a new algebraic key-recovery attack able to break at once the secret-key scheme as well as the remaining public-key scheme, in time complexity \(2^{63}\) and \(2^{39}\), respectively (the security parameter is 128 bits in both cases). Furthermore, we present a second attack of independent interest on the same public-key scheme, which heuristically reduces the problem of breaking the scheme to an \(\mathsf {LPN}\) instance with tractable parameters. This allows key recovery in time complexity \(2^{56}\). Finally, as a side result, we outline a very efficient heuristic attack on the white-box scheme, which breaks instances claiming 64 bits of security under one minute on a laptop computer.     

Integral Cryptanalysis on Full MISTY1

MISTY1 is a block cipher designed by Matsui in 1997. It was well evaluated and standardized by projects, such as CRYPTREC, ISO/IEC, and NESSIE. In this paper, we propose a key recovery attack on the full MISTY1, i.e., we show that 8-round MISTY1 with 5 FL layers does not have 128-bit security. Many attacks against MISTY1 have been proposed, but there is no attack against the full MISTY1. Therefore, our attack is the first cryptanalysis against the full MISTY1. We construct a new integral characteristic by using the propagation characteristic of the division property, which was proposed in EUROCRYPT 2015. We first improve the division property by optimizing the division property for a public S-box and then construct a 6-round integral characteristic on MISTY1. Finally, we recover the secret key of the full MISTY1 with \(2^{63.58}\) chosen plaintexts and \(2^{121}\) time complexity. Moreover, if we use \(2^{63.994}\) chosen plaintexts, the time complexity for our attack is reduced to \(2^{108.3}\). Note that our cryptanalysis is a theoretical attack. Therefore, the practical use of MISTY1 will not be affected by our attack.     

The $$\mathbb {}$$-curve Construction for Endomorphism-Accelerated Elliptic Curves

We give a detailed account of the use of \(\mathbb {Q}\)-curve reductions to construct elliptic curves over \(\mathbb {F}_{p^2}\) with efficiently computable endomorphisms, which can be used to accelerate elliptic curve-based cryptosystems in the same way as Gallant–Lambert–Vanstone (GLV) and Galbraith–Lin–Scott (GLS) endomorphisms. Like GLS (which is a degenerate case of our construction), we offer the advantage over GLV of selecting from a much wider range of curves and thus finding secure group orders when \(p\) is fixed for efficient implementation. Unlike GLS, we also offer the possibility of constructing twist-secure curves. We construct several one-parameter families of elliptic curves over \(\mathbb {F}_{p^2}\) equipped with efficient endomorphisms for every \(p > 3\), and exhibit examples of twist-secure curves over \(\mathbb {F}_{p^2}\) for the efficient Mersenne prime \(p = 2^{127}-1\).     

$$L_{1}$$-norm constrained normalized subband adaptive filter algorithm with variable norm-bound parameter and improved version

The \(L_{1}\)-norm constrained normalized subband adaptive filter with variable norm-bound parameter \((L_{1}\hbox {NCNSAF-V})\) algorithm and its variable step size version VSS-\(L_{1}\)NCNSAF-V are proposed in this paper, which are more superior to some existing algorithms in the sparse system. The proposed \(L_{1}\)NCNSAF-V is derived by using the Lagrange multiplier method, and the VSS-\(L_{1}\)NCNSAF-V is obtained by minimizing the statistical square of the Euclidean norm of the noise-free subband a posterior error vector. The simulation results demonstrate that the proposed algorithms achieve good performance.     

Correction to: A subthreshold low-power CMOS LC-VCO with high immunity to PVT variations

This paper presents a capacitor-free low dropout (LDO) linear regulator based on a dual loop topology. The regulator utilizes two feedback loops to satisfy the challenges of hearing aid devices, which include fast transient performance and small voltage spikes under rapid load-current changes. The proposed design works without the need of a decoupling capacitor connected at the output and operates with a 0–100 pF capacitive load. The design has been taped out in a \(0.18\,\upmu \hbox {m}\) CMOS process. The proposed regulator has a low component count, area of \(0.012\, \hbox {mm}^2\) and is suitable for system-on-chip integration. It regulates the output voltage at 0.9 V from a 1.0–1.4 V supply. The measured results for a current step load from 250 to 500 \(\upmu \hbox {A}\) with a rise and fall time of \(1.5\,\upmu \hbox {s}\) are an overshoot of 26 mV and undershoot of 26 mV with a settling time of \(3.5\,\upmu \hbox {s}\) when \({C_L}\) between 0 and 100 pF. The proposed LDO regulator consumes a quiescent current of only \(10.5\,\upmu \hbox {A}\). The design is suitable for application with a current step edge time of 1 ns while maintaining \(\Delta V_{out}\) of 64 mV.     

Error performance of optically preamplified hybrid BPSK-PPM systems with transmitter and receiver imperfections

In this paper, we investigate the impact of the transmitter finite extinction ratio and the receiver carrier recovery phase offset on the error performance of two optically preamplified hybrid M-ary pulse position modulation (PPM) systems with coherent detection. The first system, referred to as PB-mPPM, combines polarization division multiplexing (PDM) with binary phase-shift keying and M-ary PPM, and the other system, referred to as PQ-mPPM, combines PDM with quadrature phase-shift keying and M-ary PPM. We provide new expressions for the probability of bit error for PB-mPPM and PQ-mPPM under finite extinction ratios and phase offset. The extinction ratio study indicates that the coherent systems PB-mPPM and PQ-mPPM outperform the direct-detection ones. It also shows that at \(P_b=10^{-9}\) PB-mPPM has a slight advantage over PQ-mPPM. For example, for a symbol size \(M=16\) and extinction ratio \(r=30\) dB, PB-mPPM requires 0.6 dB less SNR per bit than PQ-mPPM to achieve \(P_b=10^{-9}\). This investigation demonstrates that PB-mPPM is less complex and less sensitive to the variations of the offset angle \(\theta \) than PQ-mPPM. For instance, for \(M=16\), \(r=30\) dB, and \(\theta =10^{\circ }\) PB-mPPM requires 1.6 dB less than PQ-mPPM to achieve \(P_b=10^{-9}\). However, PB-mPPM enhanced robustness to phase offset comes at the expense of a reduced bandwidth efficiency when compared to PQ-mPPM. For example, for \(M=2\) its bandwidth efficiency is 60 % that of PQ-mPPM and \(\approx 86\,\%\) for \(M=1024\). For these reasons, PB-mPPM can be considered a reasonable design trade-off for M-ary PPM systems.     

Intermittent Fault Diagnosability of Hyper Petersen Network

The problem of permanent fault diagnosis has been discussed widely, and the diagnosability of many well-known networks have been explored. Faults of a multiprocessor system generally include permanent and intermittent, with intermittent faults regarded as the most challenging to diagnose. In this paper, we investigate the intermittent fault diagnosability of hyper Petersen networks. First, we derive that an \(n\)-dimensional hyper Petersen network \(HP_{n}\) with fault-free edges is \((n - 1)_{i}\)-diagnosable under the PMC model. Then, we investigate the intermittent fault diagnosability of \(HP_{n}\) with faulty edges under the PMC model. Finally, we prove that an \(n\)-dimensional hyper Petersen network \(HP_{n}\) is \((n - 2)_{i}\)-diagnosable under the MM* model.     

Effects of Multiple Stacking Faults on the Electronic and Optical Properties of Armchair MoS$$_{}$$ Nanoribbons: First-Principles Calculations

The electronic and optical properties of armchair MoS\(_{2}\) nanoribbons with multiple stacking faults are investigated using first-principles calculations. It’s interesting that the band gaps approach zero for armchair MoS\(_{2}\) nanoribbons with two and four stacking faults. The gaps of armchair MoS\(_{2}\) nanoribbons with one stacking fault and three stacking faults are converged to 0.46 eV and 0.36 eV, respectively, which is smaller than perfect MoS\(_{2}\) nanoribbons. The partial charge density of armchair MoS\(_{2}\) nanoribbons with two stacking faults shows that the defect levels are originated from stacking faults. The frequency-dependent optical response (dielectric function, absorption, reflectance and electron energy loss spectra) is also presented. The optical results of monolayer MoS\(_{2}\) are in agreement with previous study. The peaks in the imaginary part of perfect armchair MoS\(_{2}\) nanoribbons are about 2.8 eV, 4.0 eV and 5.4 eV and the peaks of the imaginary part of armchair MoS\(_{2}\) nanoribbons with stacking faults are mainly 2.8 eV and 5.4 eV. They are independent of ribbon width. The peaks in electron energy loss spectra move toward larger wavelengths (redshift) due to the introduction of stacking faults.     

A Low-Voltage Fully Differential Pure Current Mode Current Operational Amplifier

In this paper a novel high-frequency fully differential pure current mode current operational amplifier (COA) is proposed that is, to the authors’ knowledge, the first pure MOSFET Current Mode Logic (MCML) COA in the world, so far. Doing fully current mode signal processing and avoiding high impedance nodes in the signal path grant the proposed COA such outstanding properties as high current gain, broad bandwidth, and low voltage and low-power consumption. The principle operation of the block is discussed and its outstanding properties are verified by HSPICE simulations using TSMC \(0.18\,\upmu \hbox {m}\) CMOS technology parameters. Pre-layout and Post-layout both plus Monte Carlo simulations are performed under supply voltages of \(\pm 0.75\,\hbox {V}\) to investigate its robust performance at the presence of fabrication non-idealities. The pre-layout plus Monte Carlo results are as; 93 dB current gain, \(8.2\,\hbox {MHz}\,\, f_{-3\,\text {dB}}, 89^{\circ }\) phase margin, 137 dB CMRR, 13 \(\Omega \) input impedance, \(89\,\hbox {M}\Omega \) output impedance and 1.37 mW consumed power. Also post-layout plus Monte Carlo simulation results (that are generally believed to be as reliable and practical as are measuring ones) are extracted that favorably show(in abovementioned order of pre-layout) 88 dB current gain, \(6.9\,\hbox {MHz} f_{-3\text {db}} , 131^{\circ }\) phase margin and 96 dB CMRR, \(22\,\Omega \) input impedance, \(33\,\hbox {M}\Omega \) output impedance and only 1.43 mW consumed power. These results altogether prove both excellent quality and well resistance of the proposed COA against technology and fabrication non-idealities.     

Practical Cryptanalysis of Bluetooth Encryption with Condition Masking

In this paper, we study the security of a general two-level E0-like encryption model and its instance, the real-world Bluetooth encryption scheme. Both unconditional and conditional correlation properties of the two-level model are investigated in theory and a key-recovery framework based on condition masking, that studies how to choose the condition to get better tradeoffs on the time/memory/data complexity curve, is refined. A novel design criterion to resist the attack is proposed and analyzed. Inspired by these cryptanalytic principles, we describe more threatening and real time attacks on two-level E0. It is shown that only the latest four inputs going into the FSM play the most important role in determining the magnitude of the conditional correlation and the data complexity analysis of the previous practical attacks on two-level E0 are inaccuracy. A new decoding method to improve the data complexity is provided. In the known-IV scenario, if the first 24 bits of \(2^{24}\) frames are available, the secret key can be reliably found with \(2^{25}\) on-line computations, \(2^{21.1}\) off-line computations and 4 MB memory. Then, we convert the attack into a ciphertext-only attack, which needs the first 24 bits of \(2^{26}\) frames and all the complexities are under \(2^{26}\). This is the first practical ciphertext-only attack on the real Bluetooth encryption scheme so far. A countermeasure is suggested to strengthen the security of Bluetooth encryption in practical applications.     

A PAPR reduction scheme based on a new spreading code in optical direct detection OFDM system

In this paper, we propose and experimentally demonstrate a peak-to-average power ratio (PAPR) reduction scheme based on a new spreading code in direct detection optical orthogonal frequency division multiplexing (OFDM) system. The new spreading code with low cross correlation and high auto-correlation can support \(2N+1\) users. Thus, \(2N+1\) users or data symbols can be transmitted over only N subcarriers. The experimental results show that, after transmission over 70 km single-mode fiber, at the bit error rate of \(10^{-3}\), with fiber launch power of 2.75 dBm, the receiver sensitivity can be improved 2.1 dB by using the proposed scheme based on new spreading code. The PAPR can be reduced about 4.6 dB, compared with the original OFDM signal at a complementary cumulative distribution function of \(10^{-4}\).     

Design and Performance Study of Dynamic Fractors in Any of the Four Quadrants

A fractor is a simple fractional-order system. Its transfer function is \(1/Fs^{\alpha }\); the coefficient, F, is called the fractance, and \(\alpha \) is called the exponent of the fractor. This paper presents how a fractor can be realized, using RC ladder circuit, meeting the predefined specifications on both F and \(\alpha \). Besides, commonly reported fractors have \(\alpha \) between 0 and 1. So, their constant phase angles (CPA) are always restricted between \(0^{\circ }\) and \(-90^{\circ }\). This work has employed GIC topology to realize fractors from any of the four quadrants, which means fractors with \(\alpha \) between \(-\)2 and +2. Hence, one can achieve any desired CPA between \(+180^{\circ }\) and \(-180^{\circ }\). The paper also exhibits how these GIC parameters can be used to tune the fractance of emulated fractors in real time, thus realizing dynamic fractors. In this work, a number of fractors are developed as per proposed technique, their impedance characteristics are studied, and fractance values are tuned experimentally.     

A 0.36 μW/channel recorder for external ambulatory ECG recorders

There is an increasing demand for long-term ECG monitoring applications which are very low power, small size and capable of wireless data transmission. This paper presents an analog front-end and also modulator for long-term ECG recording purpose. The fully integrated system features three independent channels and a modulator. The analog front-end includes a voltage-to-time conversion and a tunable modulator to achieve a very low power consumption for wireless transmission of the data without analog to digital converter. The proposed system is designed and simulated in a \(0.18\,\upmu \hbox {m}\) CMOS technology and occupies only \(0.245\,\mathrm{mm}^{2}\). It can record ECG signal with 9.2-bit resolution while consuming only \(0.36\,\upmu {\mathrm{W}}\) per channel from a 0.9 V supply. Also, it can transmit data consuming just \(0.72\,{\upmu }\mathrm{W}\) per channel from a 0.9 V supply. The input referred noise of the readout channel is \(2.01\,\upmu {\mathrm{V}}_{{{\rm rms}}}\).     

High-Accuracy Time-Mode Duty-Cycle-Modulation-Based Temperature Sensor for Energy-Efficient System Applications

This paper presents a new time-mode duty-cycle-modulation-based high-accuracy temperature sensor. Different from the well-known \({\varSigma }{\varDelta }\) ADC-based readout structure, this temperature sensor utilizes a temperature-dependent oscillator to convert the temperature information into temperature-related time-mode parameter values. The useful output information of the oscillator is the duty cycle, not the absolute frequency. In this way, this time-mode duty-cycle-modulation-based temperature sensor has superior performance over the conventional inverter-chain-based time domain types. With a linear formula, the duty-cycle output streams can be converted into temperature values. The design is verified in 65nm standard digital CMOS process. The verification results show that the worst temperature inaccuracy is kept within 1\(\,^{\circ }\mathrm{C}\) with a one-point calibration from \(-\)55 to 125 \(^{\circ }\mathrm{C}\). At room temperature, the average current consumption is only 0.8 \(\upmu \)A (1.1\(\,\upmu \)A in one phase and 0.5 \(\upmu \)A in the other) with 1.2 V supply voltage, and the total energy consumption for a complete measurement is only 0.384 \({\hbox {nJ}}\).     

New refractive index profiles of dispersion-flattened highly nonlinear fibers for future all-optical signal processing in wdm optical networks

In this paper, we demonstrate new dissimilar refractive index profiles for highly nonlinear ultra-flattened dispersion fibers with noteworthy effective area \((A_\mathrm{eff})\) for future optical signal processing. The newly proposed fibers named from Type 1 to Type 5 have a flattened dispersion over S, C, L and U bands. Predominantly, few-mode HNL-UFF fiber of Type 3 yields dispersion-flattened characteristics over a range of 250 nm of optical communication spectrum with a mere 0.2 ps/nm km variation in dispersion and a dispersion slope of \(0.0057\hbox { ps}/\hbox {nm}^{2}\) km due to the contribution of higher-order modes to the dispersion characteristics of the fiber. Moreover, it has a moderate nonlinear coefficient of \(8.03\hbox { W}^{-1}\,\hbox {km}^{-1}\). By modifying the refractive index profile of Type 3 fiber, Type 4 and Type 5 fibers are obtained in order to ensure single-mode operation, while the zero flattened dispersion characteristics of the fiber are compromised. Among the newly proposed fibers, Type 4 fiber offers a very low ITU-T cutoff wavelength of \(1.33~\upmu \hbox {m}\), whereas in the case of Type 5 fiber it is \(1.38~\upmu \hbox {m}\). Moreover, Type 4 and Type 5 fibers have good nonlinear coefficients of \(12.26\hbox { W}^{-1}\,\hbox {km}^{-1}\) and \(11.45\hbox { W}^{-1}\,\hbox {km}^{-1}\), respectively. By virtue of the proposed optimized index profile, an insensitive behavior toward bending is displayed by Type 3, Type 4 and Type 5 fibers. In addition, Type 4 fiber provides a better splice loss of 0.25 dB.     

Providing traffic tolerance in optical packet switching networks: a reinforcement learning approach

The servitization of network resources leads to new challenges for optical networks. For instance, to provide on-demand lightpaths as a service while keeping the probability of packet loss (PPL) low, issues such as lightpath setting up, resource reservation and load balancing must be addressed. We present a self-adaptive framework to process lightpath requests on packet switching optical networks that considers and handles the aforementioned issues. The framework is composed of a dimensioning phase that adds up new resources to an initial topology and a learning phase based on reinforcement learning that provides self-adaptation to tolerate traffic changes. The framework is tested on three realistic mesh topologies achieving a PPL between \(1 \times 10^{-1}\) and \(1 \times 10^{-6}\) for different traffic loads. Compared to fixed multi-path routing strategies, our framework reduces PPL between \(19\%\) and up to \(80\%\). Furthermore, no packet loss can also be achieved for traffic loads equal to or lower than 0.4.     

Capacity and Channel Coding for Wireless Point-to-Point <Emphasis Type="Italic">Z</Emphasis><Superscript>2</Superscript> Channel

In this paper, we derive the capacity of the asymmetric \({\text{Z}}^{2}\)-channel, which has been presented for the first time as an optimization problem. Similar to the Z-Channel, the proposed \({\text{Z}}^{2}\)-channel can be modelled as a practical interference wireless channel. In addition, the capacity behavior of \({\text{Z}}^{2}\)-channel is discussed and some examples and simulation results for the capacity is presented. Also a code plan has been applied for \({\text{Z}}^{2}\)-channel, based on repetition code to simulate its performance and compare it with the original Z-channel. In conclusion, simulation results show that the \({\text{Z}}^{2}\)-channel can be used widely for different operating points.     

The Security of Tandem-DM in the Ideal Cipher Model

We prove that Tandem-DM, one of the two “classical” schemes for turning an n-bit blockcipher of 2n-bit key into a double-block-length hash function, has birthday-type collision resistance in the ideal cipher model. For \(n=128\), an adversary must make at least \(2^{120.87}\) blockcipher queries to achieve chance 0.5 of finding a collision. A collision resistance analysis for Tandem-DM achieving a similar birthday-type bound was already proposed by Fleischmann, Gorski and Lucks at FSE 2009. As we detail, however, the latter analysis is wrong, thus leaving the collision resistance of Tandem-DM as an open problem until now. Our analysis exhibits a novel feature in that we introduce a trick never used before in ideal cipher proofs. We also give an improved bound on the preimage security of Tandem-DM. For \(n=128\), we show that an adversary must make at least \(2^{245.99}\) blockcipher queries to achieve chance 0.5 of inverting a randomly chosen point in the range. Asymptotically, Tandem-DM is proved to be preimage resistant up to \(2^{2n}/n\) blockcipher queries. This bound improves upon the previous best bound of \({{\varOmega }}(2^n)\) queries and is optimal (ignoring log factors) since Tandem-DM has range of size \(2^{2n}\).