start-ver=1.4 cd-journal=joma no-vol=22 cd-vols= no-issue=13 article-no= start-page=4909 end-page= dt-received= dt-revised= dt-accepted= dt-pub-year=2022 dt-pub=20220629 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=A Business-to-Business Collaboration System That Promotes Data Utilization While Encrypting Information on the Blockchain en-subtitle= kn-subtitle= en-abstract= kn-abstract=Ensuring the reliability of data gathering from every connected device is an essential issue for promoting the advancement of the next paradigm shift, i.e., Industry 4.0. Blockchain technology is becoming recognized as an advanced tool. However, data collaboration using blockchain has not progressed sufficiently among companies in the industrial supply chain (SC) that handle sensitive data, such as those related to product quality, etc. There are two reasons why data utilization is not sufficiently advanced in the industrial SC. The first is that manufacturing information is top secret. Blockchain mechanisms, such as Bitcoin, which uses PKI, require plaintext to be shared between companies to verify the identity of the company that sent the data. Another is that the merits of data collaboration between companies have not been materialized. To solve these problems, this paper proposes a business-to-business collaboration system using homomorphic encryption and blockchain techniques. Using the proposed system, each company can exchange encrypted confidential information and utilize the data for its own business. In a trial, an equipment manufacturer was able to identify the quality change caused by a decrease in equipment performance as a cryptographic value from blockchain and to identify the change one month earlier without knowing the quality value. en-copyright= kn-copyright= en-aut-name=NasuHiroaki en-aut-sei=Nasu en-aut-mei=Hiroaki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=KoderaYuta en-aut-sei=Kodera en-aut-mei=Yuta kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= affil-num=1 en-affil=Graduate School of Natural Science and Technology, Okayama University kn-affil= affil-num=2 en-affil=Faculty of Natural Science and Technology, Okayama University kn-affil= affil-num=3 en-affil=Faculty of Natural Science and Technology, Okayama University kn-affil= en-keyword=business-to-business data collaboration kn-keyword=business-to-business data collaboration en-keyword=industrial supply chain kn-keyword=industrial supply chain en-keyword=blockchain kn-keyword=blockchain en-keyword=homomorphic encryption kn-keyword=homomorphic encryption END start-ver=1.4 cd-journal=joma no-vol=24 cd-vols= no-issue=6 article-no= start-page=780 end-page= dt-received= dt-revised= dt-accepted= dt-pub-year=2022 dt-pub=20220531 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=Transition Probability Test for an RO-Based Generator and the Relevance between the Randomness and the Number of ROs en-subtitle= kn-subtitle= en-abstract= kn-abstract=A ring oscillator is a well-known circuit used for generating random numbers, and interested readers can find many research results concerning the evaluation of the randomness with a packaged test suit. However, the authors think there is room for evaluating the unpredictability of a sequence from another viewpoint. In this paper, the authors focus on Wold's RO-based generator and propose a statistical test to numerically evaluate the randomness of the RO-based generator. The test adopts the state transition probabilities in a Markov process and is designed to check the uniformity of the probabilities based on hypothesis testing. As a result, it is found that the RO-based generator yields a biased output from the viewpoint of the transition probability if the number of ROs is small. More precisely, the transitions 01 -> 01 and 11 -> 11 happen frequently when the number l of ROs is less than or equal to 10. In this sense, l > 10 is recommended for use in any application, though a packaged test suit is passed. Thus, the authors believe that the proposed test contributes to evaluating the unpredictability of a sequence when used together with available statistical test suits, such as NIST SP800-22. en-copyright= kn-copyright= en-aut-name=KoderaYuta en-aut-sei=Kodera en-aut-mei=Yuta kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=SatoRyoichi en-aut-sei=Sato en-aut-mei=Ryoichi kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=AliMd Arshad en-aut-sei=Ali en-aut-mei=Md Arshad kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= en-aut-name=KusakaTakuya en-aut-sei=Kusaka en-aut-mei=Takuya kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=4 ORCID= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=5 ORCID= affil-num=1 en-affil=Graduate School of Natural Science and Technology, Okayama University kn-affil= affil-num=2 en-affil=Graduate School of Natural Science and Technology, Okayama University kn-affil= affil-num=3 en-affil=Department of Computer Science and Engineering, Hajee Mohammad Danesh Science and Technology University (HSTU) kn-affil= affil-num=4 en-affil=Graduate School of Natural Science and Technology, Okayama University kn-affil= affil-num=5 en-affil=Graduate School of Natural Science and Technology, Okayama University kn-affil= en-keyword=true random number generator kn-keyword=true random number generator en-keyword=ring oscillator kn-keyword=ring oscillator en-keyword=Markov process kn-keyword=Markov process en-keyword=hypothesis testing kn-keyword=hypothesis testing END start-ver=1.4 cd-journal=joma no-vol=23 cd-vols= no-issue=9 article-no= start-page=1168 end-page= dt-received= dt-revised= dt-accepted= dt-pub-year=2021 dt-pub=20210905 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=Consideration for Affects of an XOR in a Random Number Generator Using Ring Oscillators en-subtitle= kn-subtitle= en-abstract= kn-abstract=A cloud service to offer entropy has been paid much attention to. As one of the entropy sources, a physical random number generator is used as a true random number generator, relying on its irreproducibility. This paper focuses on a physical random number generator using a field-programmable gate array as an entropy source by employing ring oscillator circuits as a representative true random number generator. This paper investigates the effects of an XOR gate in the oscillation circuit by observing the output signal period. It aims to reveal the relationship between inputs and the output through the XOR gate in the target generator. The authors conduct two experiments to consider the relevance. It is confirmed that combining two ring oscillators with an XOR gate increases the complexity of the output cycle. In addition, verification using state transitions showed that the probability of the state transitions was evenly distributed by increasing the number of ring oscillator circuits. en-copyright= kn-copyright= en-aut-name=SatoRyoichi en-aut-sei=Sato en-aut-mei=Ryoichi kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=KoderaYuta en-aut-sei=Kodera en-aut-mei=Yuta kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=AliMd. Arshad en-aut-sei=Ali en-aut-mei=Md. Arshad kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= en-aut-name=KusakaTakuya en-aut-sei=Kusaka en-aut-mei=Takuya kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=4 ORCID= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=5 ORCID= en-aut-name=Morelos-ZaragozaRobert H. en-aut-sei=Morelos-Zaragoza en-aut-mei=Robert H. kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=6 ORCID= affil-num=1 en-affil=Graduate School of Natural Science and Technology, Okayama University kn-affil= affil-num=2 en-affil=Graduate School of Natural Science and Technology, Okayama University kn-affil= affil-num=3 en-affil=Department of Computer Science and Engineering, Hajee Mohammad Danesh Science and Technology University (HSTU) kn-affil= affil-num=4 en-affil=Graduate School of Natural Science and Technology, Okayama University kn-affil= affil-num=5 en-affil=Graduate School of Natural Science and Technology, Okayama University kn-affil= affil-num=6 en-affil=Department of Electrical Engineering, San José State University kn-affil= en-keyword=entropy kn-keyword=entropy en-keyword=field programmable gate array kn-keyword=field programmable gate array en-keyword=true random number generator kn-keyword=true random number generator en-keyword=period kn-keyword=period en-keyword=ring oscillator kn-keyword=ring oscillator en-keyword=stomatic process kn-keyword=stomatic process en-keyword=state transition kn-keyword=state transition en-keyword=XOR gate kn-keyword=XOR gate END start-ver=1.4 cd-journal=joma no-vol=47 cd-vols= no-issue= article-no= start-page=25 end-page=32 dt-received= dt-revised= dt-accepted= dt-pub-year=2013 dt-pub=201301 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=Lazy Random Walk Efficient for Pollard’s Rho Method Attacking on G3 over Barreto-Naehrig Curve (Corrected) en-subtitle= kn-subtitle= en-abstract= kn-abstract=Pairing–based cryptosystems are well implemented with Ate–type pairing over Barreto–Naehrig (BN) curve. Then, for instance, their securities depend on the difficulty of Discrete Logarithm Problem (DLP) on the so–denoted G3 over BN curve. This paper, in order to faster solve the DLP, first proposes to utilize Gauss period Normal Basis (GNB) for Pollard’s rho method, and then considers to accelerate the solving by an adoption of lazy random walk, namely tag tracing technique proposed by Cheon et al. en-copyright= kn-copyright= en-aut-name=NekadoKenta en-aut-sei=Nekado en-aut-mei=Kenta kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=TakaiYusuke en-aut-sei=Takai en-aut-mei=Yusuke kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= affil-num=1 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=2 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=3 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University END start-ver=1.4 cd-journal=joma no-vol=47 cd-vols= no-issue= article-no= start-page=19 end-page=24 dt-received= dt-revised= dt-accepted= dt-pub-year=2013 dt-pub=201301 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=Representation of Torsion Points on Pairing Curves of Embedding Degree 1 en-subtitle= kn-subtitle= en-abstract= kn-abstract=Recent efficient pairings such as Ate pairing use two efficient rational point subgroups such that π(P) = P and π(Q) = [p]Q, where π, p, P, and Q are the Frobenius map for rational point, the characteristic of definition field, and torsion points for pairing, respectively. This relation accelerates not only pairing but also pairing–related operations such as scalar multiplications. It holds in the case that the embedding degree k divides r − 1, where r is the order of torsion rational points. Thus, such a case has been well studied. Alternatively, this paper focuses on the case that the degree divides r + 1 but does not divide r − 1. Then, this paper shows a multiplicative representation for r–torsion points based on the fact that the characteristic polynomial f(π) becomes irreducible over Fr for which π also plays a role of variable. en-copyright= kn-copyright= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=SumoTaichi en-aut-sei=Sumo en-aut-mei=Taichi kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= affil-num=1 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=2 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University en-keyword=pairing–friendly curve kn-keyword=pairing–friendly curve en-keyword=torsion point kn-keyword=torsion point en-keyword=group structure kn-keyword=group structure en-keyword=rank kn-keyword=rank END start-ver=1.4 cd-journal=joma no-vol=37 cd-vols= no-issue=2 article-no= start-page=73 end-page=87 dt-received= dt-revised= dt-accepted= dt-pub-year=2003 dt-pub=200303 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=A Fast Implementation of Elliptic Curve Cryptosystem with Prime Order Defined over F(p8) en-subtitle= kn-subtitle= en-abstract= kn-abstract=Public key cryptosystem has many uses, such as to sign digitally, to realize electronic commerce. Especially, RSA public key cryptosystem has been the most widely used, but its key for ensuring sufficient security reaches about 2000 bits long. On the other hand, elliptic curve cryptosystem(ECC) has the same security level with about 7-fold smaller length key. Accordingly, ECC has been received much attention and implemented on various processors even with scarce computation resources. In this paper, we deal with an elliptic curve which is defined over extension field F(p2c) and has a prime order, where p is the characteristic and c is a non negative integer. In order to realize a fast software implementation of ECC adopting such an elliptic curve, a fast implementation method of definition field F(p2c) especially F(p8) is proposed by using a technique called successive extension. First, five fast implementation methods of base field F(p2) are introduced. In each base field implementation, calculation costs of F(p2)-arithmetic operations are evaluated by counting the numbers of F(p)-arithmetic operations. Next, a successive extension method which adopts a polynomial basis and a binomial as the modular polynomial is proposed with comparing to a conventional method. Finally, we choose two prime numbers as the characteristic, and consider several implementations for definition field F(p8) by using five base fields and two successive extension methods. Then, one of these implementations is especially selected and implemented on Toshiba 32-bit micro controller TMP94C251(20MHz) by using C language. By evaluating calculation times with comparing to previous works, we conclude that proposed method can achieve a fast implementation of ECC with a prime order. en-copyright= kn-copyright= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= affil-num=1 en-affil= kn-affil=Department of Communication Network Engineering Okayama University affil-num=2 en-affil= kn-affil=Department of Communication Network Engineering Okayama University END start-ver=1.4 cd-journal=joma no-vol=45 cd-vols= no-issue= article-no= start-page=54 end-page=59 dt-received= dt-revised= dt-accepted= dt-pub-year=2011 dt-pub=201101 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=Squaring Algorithm Efficient for Cubic Extension Field Derived with Pseudo Gauss Period Normal Basis en-subtitle= kn-subtitle= en-abstract= kn-abstract=Recently, pairing–based cryptographies have attracted much attention. For fast pairing calculation, not only pairing algorithms but also arithmetic operations in extension field should be efficient. Especially for final exponentiation included in pairing calculation, squaring is more important than multiplication. This paper considers squaring algorithms efficient for cubic extension field which is often used for pairing implementaions. en-copyright= kn-copyright= en-aut-name=NekadoKenta en-aut-sei=Nekado en-aut-mei=Kenta kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=TakaiYusuke en-aut-sei=Takai en-aut-mei=Yusuke kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=4 ORCID= affil-num=1 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=2 en-affil= kn-affil=Department of Communication Network Engineering, Faculty of Engineering, Okayama University affil-num=3 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=4 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University END start-ver=1.4 cd-journal=joma no-vol=45 cd-vols= no-issue= article-no= start-page=46 end-page=53 dt-received= dt-revised= dt-accepted= dt-pub-year=2011 dt-pub=201101 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=Ordinary Pairing Friendly Curve of Embedding Degree 1 Whose Order Has Two Large Prime Factors en-subtitle= kn-subtitle= en-abstract= kn-abstract=Recently, composite order pairing–based cryptographies have received much attention. The composite order needs to be as large as the RSA modulus. Thus, they require a certain pairing–friendly elliptic curve that has such a large composite order. This paper proposes an efficient algorithm for generating an ordinary pairing–friendly elliptic curve of the embedding degree 1 whose order has two large prime factors as the RSA modulus. In addition, the generated pairing–friendly curve has an efficient structure for the Gallant–Lambert–Vanstone (GLV) method. en-copyright= kn-copyright= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=YanagiErika en-aut-sei=Yanagi en-aut-mei=Erika kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=IzutaTetsuya en-aut-sei=Izuta en-aut-mei=Tetsuya kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=4 ORCID= affil-num=1 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=2 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=3 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=4 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University END start-ver=1.4 cd-journal=joma no-vol=44 cd-vols= no-issue= article-no= start-page=69 end-page=72 dt-received= dt-revised= dt-accepted= dt-pub-year=2010 dt-pub=201001 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=Ecient Squaring Algorithm for Xate Pairing with Freeman Curve en-subtitle= kn-subtitle= en-abstract= kn-abstract=Recently, pairing–based cryptographies have attracted much attention. For fast pairing calculation, not only pairing algorithms but also arithmetic operations in extension field should be efficient. Especially for final exponentiation included in pairing calculation, squaring is more important than multiplication. This paper proposes an efficient squaring algorithm in extension field for Freeman curve. en-copyright= kn-copyright= en-aut-name=NekadoKenta en-aut-sei=Nekado en-aut-mei=Kenta kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=KatoHidehiro en-aut-sei=Kato en-aut-mei=Hidehiro kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=4 ORCID= affil-num=1 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=2 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=3 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=4 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University END start-ver=1.4 cd-journal=joma no-vol=44 cd-vols= no-issue= article-no= start-page=60 end-page=68 dt-received= dt-revised= dt-accepted= dt-pub-year=2010 dt-pub=201001 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=Ordinary Pairing Friendly Curve of Embedding Degree 3 Whose Order Has Two Large Prime Factors en-subtitle= kn-subtitle= en-abstract= kn-abstract=This paper proposes a method for generating a certain composite order ordinary pairing–friendly elliptic curve of embedding degree 3. In detail, the order has two large prime factors such as the modulus of RSA cryptography. The method is based on the property that the order of the target pairing–friendly curve is given by a polynomial as r(X) of degree 2 with respect to the integer variable X. When the bit size of the prime factors is about 500 bits, the proposed method averagely takes about 15 minutes on Core 2 Quad (2.66Hz) for generating one. en-copyright= kn-copyright= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= affil-num=1 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=2 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University END start-ver=1.4 cd-journal=joma no-vol=43 cd-vols= no-issue= article-no= start-page=113 end-page=116 dt-received= dt-revised= dt-accepted= dt-pub-year=2009 dt-pub=200901 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=Cost Evaluation of The Improvement of Twisted Ate Pairing That Uses Integer Variable X of Small Hamming Weight en-subtitle= kn-subtitle= en-abstract= kn-abstract=Barreto–Naehrig (BN) curve has been introduced as an efficient pairing-friendly elliptic curve over prime field F(p) whose embedding degree is 12. The characteristic and Frobenius trace are given as polynomials of integer variable X. The authors proposed an improvement of Miller's algorithm of twisted Ate pairing with BN curve by applying X of small hamming weight in ITC–CSCC2008; however, its cost evaluation has not been explicitly shown. This paper shows the detail of the cost evaluation. en-copyright= kn-copyright= en-aut-name=SakemiYumi en-aut-sei=Sakemi en-aut-mei=Yumi kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=Katohidehiro en-aut-sei=Kato en-aut-mei=hidehiro kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= en-aut-name=MorikawaYoshikawa en-aut-sei=Morikawa en-aut-mei=Yoshikawa kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=4 ORCID= affil-num=1 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=2 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=3 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=4 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University END start-ver=1.4 cd-journal=joma no-vol=43 cd-vols= no-issue= article-no= start-page=108 end-page=112 dt-received= dt-revised= dt-accepted= dt-pub-year=2009 dt-pub=200901 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=Extension Field for Xate Pairing with Freeman Curve en-subtitle= kn-subtitle= en-abstract= kn-abstract=Recently, pairing-based cryptographies such as ID-based cryptography and group signature have been studied. For fast pairing calculation, not only pairing algorithms but also arithmetic operations in extension field must be efficiently carried out. The authors show efficient arithmetic operations of extension field for Xate pairing especially with Freeman curve. en-copyright= kn-copyright= en-aut-name=NekadoKenta en-aut-sei=Nekado en-aut-mei=Kenta kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=KatoHidehiro en-aut-sei=Kato en-aut-mei=Hidehiro kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=4 ORCID= affil-num=1 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=2 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=3 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=4 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University END start-ver=1.4 cd-journal=joma no-vol=43 cd-vols= no-issue= article-no= start-page=99 end-page=107 dt-received= dt-revised= dt-accepted= dt-pub-year=2009 dt-pub=200901 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=A High-Speed Square Root Algorithm for Extension fields -Especially for Fast Extension Fields- en-subtitle= kn-subtitle= en-abstract= kn-abstract=A square root (SQRT) algorithm in extension field F(p(m))(m = r(0)r(1)・・・r(n−1)・2(d), r(i) : odd prime, d : positive integer) is proposed in this paper. First, a conventional SQRT algorithm, the Tonelli-Shanks algorithm, is modified to compute the inverse SQRT in F(p(2d)), where most of the computations are performed in the corresponding subfields F(p(2i)) for 0 ≤ i ≤ d-1. Then the Frobenius mappings with addition chain are adopted for the proposed SQRT algorithm, in which a lot of computations in a given extension field F(p(m)) are also reduced to those in a proper subfield by the norm computations. Those reductions of the field degree increase efficiency in the SQRT implementation. The Tonelli-Shanks algorithm and the proposed algorithm in F(p(6)) and F(p(10)) were implemented on a Core2 (2.66 GHz) using the C++ programming language. The computer simulations showed that, on average, the proposed algorithm accelerated the SQRT computation by 6 times in F(p(6)), and by 10 times in F(p(10)), compared to the Tonelli-Shanks algorithm. en-copyright= kn-copyright= en-aut-name=KatoHidehiro en-aut-sei=Kato en-aut-mei=Hidehiro kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= affil-num=1 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=2 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=3 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University END start-ver=1.4 cd-journal=joma no-vol=35 cd-vols= no-issue=1-2 article-no= start-page=197 end-page=205 dt-received= dt-revised= dt-accepted= dt-pub-year=2001 dt-pub=20010327 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=Determining Minimal Polynomial of Proper Element by Using Higher Degree Traces en-subtitle= kn-subtitle= en-abstract= kn-abstract=Modern communication engineerings, such as elliptic curve cryptographies, often requires algebra on finite extension field defined by modulus arithmetic with an irreducible polynomial. This paper provides a new method to detemine the minimal (irreducible) polynomial of a given proper element in finite extension field. In the conventional determination method, as we have to solve the simultaneous equations, the computation is very involved. In this paper, the well known "trace" is extended to higher degree traces. Using the new traces, we yield the coefficient formula of the desired minimal polynomial. The new method becomes very simple without solving the simultaneous equations, and about twice faster than the conventional method in computation speed. en-copyright= kn-copyright= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= affil-num=1 en-affil= kn-affil=Department of Communication Network Engineering affil-num=2 en-affil= kn-affil=Department of Communication Network Engineering en-keyword=finite field kn-keyword=finite field en-keyword=minimal polynomial kn-keyword=minimal polynomial en-keyword=irreducible polynomial kn-keyword=irreducible polynomial en-keyword=higher degree trace kn-keyword=higher degree trace en-keyword=trace kn-keyword=trace en-keyword=cryptography kn-keyword=cryptography END start-ver=1.4 cd-journal=joma no-vol=39 cd-vols= no-issue=1 article-no= start-page=82 end-page=92 dt-received= dt-revised= dt-accepted= dt-pub-year=2005 dt-pub=200501 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=A High-Speed Square Root Computation in Finite Fields with Application to Elliptic Curve Cryptosystem en-subtitle= kn-subtitle= en-abstract= kn-abstract=In this paper, we focus on developing a high-speed square root (SQRT) algorithm required for an elliptic curve cryptosystem. Examining Smart algorithm, the previously well-known SQRT algorithm, we can see that there is a lot of computation overlap in Smart algorithm and the quadratic residue (QR) test, which must be implemented prior to a SQRT computation. It makes Smart algorithm inefficient. The essence of our proposition is thus to present a new QR test and an efficient SQRT algorithm to avoid all the overlapping computations. The authors devised a SQRT algorithm for which most of the data required have been computed in the proposed QR test. Not only there is no computation overlap in the proposed algorithm and the proposed QR test, but also in the proposed algorithm over GF(p(2)) (4 | p − 1) some computations can be executed in GF(p); whereas in Smart algorithm over GF(p(2)) all the computations must be executed in GF(p(2)). These yield many reductions in the computational time and complexity. We implemented the two QR tests and the two SQRT algorithms over GF(pm) (m=1, 2) in C++ language with NTL (Number Theory Library) on Pentium4 (2.6GHz), where the size of p is around 160 bits. The computer simulations showed that the proposed QR test and the proposed algorithm over GF(p(m)) were about 2 times faster than the conventional QR test and Smart algorithm over GF(p(m)). en-copyright= kn-copyright= en-aut-name=WangFeng en-aut-sei=Wang en-aut-mei=Feng kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= affil-num=1 en-affil= kn-affil=Department of Communication Network Engineering Okayama University affil-num=2 en-affil= kn-affil=Department of Communication Network Engineering Okayama University affil-num=3 en-affil= kn-affil=Department of Communication Network Engineering Okayama University END start-ver=1.4 cd-journal=joma no-vol=39 cd-vols= no-issue=1 article-no= start-page=71 end-page=81 dt-received= dt-revised= dt-accepted= dt-pub-year=2005 dt-pub=200501 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=A Method for Generating Prime Order Elliptic Curves over F(q(2c)) en-subtitle= kn-subtitle= en-abstract= kn-abstract=This paper proposes an algorithm for generating prime order elliptic curves over extension field whose extension degree is a power of 2. The proposed algorithm is based on the fact that the order of the twisted elliptic curve is able to be a prime number when the extension degree for the twist operation is a power of 2. When the definition field is F(2(40)−87)(4) , the proposed algorithm can generate a prime order elliptic curve within 5 seconds on PentiumIII (800MHz) with C language. en-copyright= kn-copyright= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= affil-num=1 en-affil= kn-affil=Department of Communication Network Engineering Okayama University affil-num=2 en-affil= kn-affil=Department of Communication Network Engineering Okayama University END start-ver=1.4 cd-journal=joma no-vol=40 cd-vols= no-issue=1 article-no= start-page=83 end-page=94 dt-received= dt-revised= dt-accepted= dt-pub-year=2006 dt-pub=200601 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=The Orders of Elliptic Curves y(2) = x(3) + b, b ∈ F(* q) en-subtitle= kn-subtitle= en-abstract= kn-abstract=This paper particularly deals with elliptic curves in the form of E(x, y) = y(2) − x(3) −b = 0, b ∈ F(* q) , where 3 divides q−1. In this paper, we refer to the well-known twist technique as x-twist and propose y-twist. By combining x-twist and y-twist, we can consider six elliptic curves and this paper proposes a method to obtain the orders of these six curves by counting only one order among the six curves. en-copyright= kn-copyright= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= affil-num=1 en-affil= kn-affil=The Graduate School of Natural Science and Technology Okayama University affil-num=2 en-affil= kn-affil=The Graduate School of Natural Science and Technology Okayama University en-keyword=elliptic curve kn-keyword=elliptic curve en-keyword=twist kn-keyword=twist en-keyword=third power residue/non-residue kn-keyword=third power residue/non-residue END start-ver=1.4 cd-journal=joma no-vol=41 cd-vols= no-issue=1 article-no= start-page=11 end-page=19 dt-received= dt-revised= dt-accepted= dt-pub-year=2007 dt-pub=200701 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=An Algorithm for Generating Irreducible Cubic Trinomials over Prime Field en-subtitle= kn-subtitle= en-abstract= kn-abstract=This paper proposes an algorithm for generating irreducible cubic trinomials in the form x(3) + ax + b, b ∈ F(p), where a is a certain fixed non-zero element in the prime field F(p). The proposed algorithm needs a certain irreducible cubic trinomial over F(p) to be previously given as a generator; however, the proposed algorithm can generate irreducible cubic polynomials one after another by changing a certain parameter in F(p). In this paper, we compare the calculation cost and the average computation time for generating an irreducible cubic polynomial, especially trinomial, among Hiramoto et al. irreducibility testing algorithm, Berlekamp-Massey minimal polynomial determining algorithm, and the proposed algorithm. From the experimental results, it is shown that the proposed algorithm is the fastest among the three algorithms for generating irreducible cubic trinomials. en-copyright= kn-copyright= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= affil-num=1 en-affil= kn-affil=The Graduate School of Natural Science and Technology Okayama University affil-num=2 en-affil= kn-affil=The Graduate School of Natural Science and Technology Okayama University en-keyword=irreducible cubic polynomial kn-keyword=irreducible cubic polynomial en-keyword=minimal polynomial kn-keyword=minimal polynomial END start-ver=1.4 cd-journal=joma no-vol=41 cd-vols= no-issue=1 article-no= start-page=1 end-page=10 dt-received= dt-revised= dt-accepted= dt-pub-year=2007 dt-pub=200701 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=The Number of the Irreducible Cubic Polynomials in the Form of x(3) + ax + b with a Certain Fixed Element a en-subtitle= kn-subtitle= en-abstract= kn-abstract=In this paper, we first show the number of x's such that x(2) +u, u ∈ F(*)(p) , becomes a quadratic residue in F(p), and then this number is proven to be equal to (p+1)/2 if −u is a quadratic residue in Fp, which is a necessary fact for the following. With respect to the irreducible cubic polynomials over Fp in the form of x(3)+ax+b, we give a classification based on the trace of an element in F(p3) and based on whether or not the coefficient of x, i.e. the parameter a, is a quadratic residue in Fp. According to this classification, we can know the minimal set of the irreducible cubic polynomials, from which all the irreducible cubic polynomials can be generated by using the following two variable transformations: x=x + i, x=j−1x, i, j ∈ Fp, j ≠ 0. Based on the classification and that necessary fact, we show the number of the irreducible cubic polynomials in the form of x(3)+ax+b, b ∈ F(p), where a is a certain fixed element in F(p). en-copyright= kn-copyright= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= affil-num=1 en-affil= kn-affil=The Graduate School of Natural Science and Technology Okayama University affil-num=2 en-affil= kn-affil=The Graduate School of Natural Science and Technology Okayama University en-keyword=Irreducible cubic polynomial kn-keyword=Irreducible cubic polynomial en-keyword=trace kn-keyword=trace en-keyword=quadratic residue kn-keyword=quadratic residue END start-ver=1.4 cd-journal=joma no-vol=42 cd-vols= no-issue=1 article-no= start-page=110 end-page=114 dt-received= dt-revised= dt-accepted= dt-pub-year=2008 dt-pub=200801 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=A Method for Checking the Parity of (#Jc - 1)=2 of Genus 2 and 3 Hyperelliptic Curves en-subtitle= kn-subtitle= en-abstract= kn-abstract=This paper shows a method for checking the parity of (#Jc − 1)/2 without calculating the order #Jc, where #Jc is the order of genus 2 or 3 hyperelliptic curve. en-copyright= kn-copyright= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= affil-num=1 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=2 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University END start-ver=1.4 cd-journal=joma no-vol=42 cd-vols= no-issue=1 article-no= start-page=36 end-page=43 dt-received= dt-revised= dt-accepted= dt-pub-year=2008 dt-pub=200801 dt-online= en-article= kn-article= en-subject= kn-subject= en-title= kn-title=Fast Exponentiation in Extension Field with Frobenius Mappings en-subtitle= kn-subtitle= en-abstract= kn-abstract=This paper proposes an exponentiation method with Frobenius mappings. Our method is closely related to so-called interleaving exponentiation. Different from the interleaving exponentiation methods, our method can carry out several exponentiations using same base at the same time. The efficiency to use Frobenius mappings for an exponentiation in extension field is well introduced by Avanzi and Mihailescu. This exponentiation method is based on so-called simultaneous exponentiation and uses many Frobenius mappings. Their method more decreased the number of multiplications; however, the number of Frobenius mappings inversely increased. Compared to their method , the number of multiplications needed for the proposed method becomes about 20% larger; however, that of Frobenius mappings becomes small enough. en-copyright= kn-copyright= en-aut-name=KatoHidehiro en-aut-sei=Kato en-aut-mei=Hidehiro kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=1 ORCID= en-aut-name=NekadoKenta en-aut-sei=Nekado en-aut-mei=Kenta kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=2 ORCID= en-aut-name=NogamiYasuyuki en-aut-sei=Nogami en-aut-mei=Yasuyuki kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=3 ORCID= en-aut-name=MorikawaYoshitaka en-aut-sei=Morikawa en-aut-mei=Yoshitaka kn-aut-name= kn-aut-sei= kn-aut-mei= aut-affil-num=4 ORCID= affil-num=1 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=2 en-affil= kn-affil=Faculty of Engineering, Okayama University affil-num=3 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University affil-num=4 en-affil= kn-affil=Graduate School of Natural Science and Technology, Okayama University en-keyword=exponentiation kn-keyword=exponentiation en-keyword=Frobenius mapping kn-keyword=Frobenius mapping en-keyword=extension field kn-keyword=extension field END