N. Homma

Tohoku University, Sendai, Kagoshima-ken, Japan

Publications (53) · 13.61 Total impact

  • Article: SU-D-BRA-02: An Extended Time-Variant Seasonal Autoregressive Model-Based Prediction for Irregular Breathing Motion Tracking.
    ABSTRACT: Purpose: Real-time tumor position/shape measurement and dynamic beam tracking techniques allow accurate and continuous irradiation to moving tumor, but there can be a delay of several hundred milliseconds between observation and irradiation. A time-variant seasonal autoregressive (TVSAR) model has been proposed for compensating the delay by predicting respiratory tumor motion with sub-millimeter accuracy for a second latency. This is the state-of-the-art model for almost regular breathing prediction so far. In this study, we propose an extended prediction method based on TVSAR to be usable for various breathing patterns, by predicting the residual component obtained from conventional TVSAR. Methods: An essential core of the method is to take into account the residual component that is not predictable by only TVSAR. The residual component involves baseline shift, amplitude variation, and so on. In this study, the time series of the residual obtained for every new sample are predicted by using an autoregressive (AR) model. The order and parameters of the AR model are adaptively determined for each residual component by using an information criterion. Eleven data sets of 3-D lung tumor motion, observed at Georgetown University Hospital by using Cyberknife Synchrony system, were used for evaluation of the prediction performance. Results: Experimental results indicated that the proposed method is superior to those of conventional and the state-of-the-art methods for 0 to 1 s ahead prediction. The average prediction error of the proposed method was 0.920 ± 0.348 mm for 0.5 s forward prediction. Conclusion: We have developed the new prediction method based on TVSAR model with adaptive residual prediction. The new method can predict various respiratory motions including not only regular but also a variety of irregular breathing patterns and thus can compensate the bad effect of the delay in dynamic irradiation system for moving tumor tracking.
    A part of this work has been financially supported by Varian Medical Systems Inc., Palo Alto, CA and Japan Society for the Promotion of Science (JSPS), Japan.
    Medical Physics 06/2012; 39(6):3616. · 2.83 Impact Factor
  • Article: SU-E-J-135: 3-D Fourier-Based Volumetric Registration for Estimating Intra-Fractional Lung Tumor Motion.
    ABSTRACT: Purpose: To develop a three-dimensional (3-D) volumetric registration algorithm to estimate the intra-fractional lung tumor motion between respiratory phases for improving the accuracy of radiotherapy treatment. Methods: The 3-D thoracic CT volumes (512×512×160 voxels, with dimensions 0.97×0.97×2.5 mm³) in different respiratory phases were acquired on a General Electric Optima T580 scanner in cine mode. As a preprocess, a bicubic interpolation was used to interpolate the original 3-D volumes along the cephalo-caudal axis to volumes of size 512×512×400 voxels, with dimensions 0.97×0.97×1 mm³. In each respiratory phase, a sub-volume covering the tumor was roughly specified manually. A 3-D phase correlation of two sub-volumes was computed by using the 3-D inverse Fourier transformation of the normalized cross power spectrum of two sub-volumes. The 3-D displacements along three axes were estimated by finding the location of the highest peak in the 3-D phase correlation. Results: Experiments were conducted on an artificial 4-D CT data set and three clinical 4-D CT data sets. Experimental results showed that the proposed algorithm was capable of estimating the tumor motion between respiratory phases with high accuracy (mean square error <1 mm). Conclusions: This work extended the conventional image registration techniques from 2-D to 3-D for tumor motion estimation. This work indicates a potential for significant accuracy improvement in radiotherapy treatment planning. The highly accurate 3-D tumor motion information provides a reliable basis for expanding a clinical target volume (CTV) to a planning target volume (PTV) to incorporate the intra-fractional tumor motion.
    Medical Physics 06/2012; 39(6):3683. · 2.83 Impact Factor
  • Article: Systematic Design of RSA Processors Based on High-Radix Montgomery Multipliers
    ABSTRACT: This paper presents a systematic design approach to provide the optimized Rivest-Shamir-Adleman (RSA) processors based on high-radix Montgomery multipliers satisfying various user requirements, such as circuit area, operating time, and resistance against side-channel attacks. In order to involve the tradeoff between the performance and the resistance, we apply four types of exponentiation algorithms: two variants of the binary method with/without Chinese Remainder Theorem (CRT). We also introduce three multiplier-based datapath-architectures using different intermediate data forms: 1) single form, 2) semi carry-save form, and 3) carry-save form, and combine them with a wide variety of arithmetic components. Their radices are parameterized from 2^8 to 2^128. A total of 242 datapaths for 1024-bit RSA processors were obtained for each radix. The potential of the proposed approach is demonstrated through an experimental synthesis of all possible processors with a 90-nm CMOS standard cell library. As a result, the smallest design of 861 gates with 118.47 ms/RSA to the fastest design of 0.67 ms/RSA at 153 862 gates were obtained. In addition, the use of the CRT technique reduced the RSA operation time of the fastest design to 0.24 ms. Even if we employed the exponentiation algorithm resistant to typical side-channel attacks, the fastest design can perform the RSA operation in less than 1.0 ms.
    IEEE Transactions on Very Large Scale Integration (VLSI) Systems 08/2011; · 1.22 Impact Factor
  • Conference Proceeding: Electromagnetic information leakage for side-channel analysis of cryptographic modules
    N. Homma, T. Aoki, A. Satoh
    ABSTRACT: A new class of physical attacks against cryptographic modules, which is called the side-channel attack, is now drawing much attention. Side-channel attacks exploit information leakage from a physical implementation, such as power consumption and electro-magnetic (EM) radiation. This paper presents an overview of the recent trends in side-channel attacks, including EM analysis attacks, and related activities in the security evaluation of cryptographic modules.
    Electromagnetic Compatibility (EMC), 2010 IEEE International Symposium on; 08/2010
  • Conference Proceeding: Hardware implementations of hash function Luffa
    ABSTRACT: This paper presents hardware architectures for the hash algorithm Luffa, which is a candidate for the next-generation hash standard SHA-3. The architectures were implemented by using a 90-nm CMOS standard cell library. A high throughput of 35 Gbps for a high-speed architecture and a gate count of 14.7 kgate for a compact architecture were obtained. In comparison with Keccak, another SHA-3 candidate in the sponge function category, as well as with the current hash standard SHA-256, Luffa exhibited the advantage of flexible implementation ranging from high-speed to compact circuits.
    Hardware-Oriented Security and Trust (HOST), 2010 IEEE International Symposium on; 07/2010
  • Article: Comparative Power Analysis of Modular Exponentiation Algorithms
    ABSTRACT: This paper proposes new chosen-message power-analysis attacks for public-key cryptosystems based on modular exponentiation, where specific input pairs are used to generate collisions between squaring operations at different locations in the two power traces. Unlike previous attacks of this kind, the new attack can be applied to all standard implementations of the exponentiation process, namely binary (left-to-right and right-to-left), m-ary, and sliding window methods. The proposed attack can also circumvent typical countermeasures, such as the Montgomery powering ladder and the double-add algorithm. The effectiveness of the attack is demonstrated in experiments with hardware and software implementations of RSA on an FPGA and a PowerPC processor, respectively. In addition to the new collision generation methods, a highly accurate waveform matching technique is introduced for detecting the collisions even when the recorded signals are noisy and there is a certain amount of clock jitter.
    IEEE Transactions on Computers 07/2010; · 1.10 Impact Factor
  • Conference Proceeding: Differential power analysis of AES ASIC implementations with various S-box circuits
    ABSTRACT: Differential power analysis experiments are conducted on various ASIC implementations of AES with different S-box architectures: (i) an inverter over Galois field GF(((2^2)^2)^2), (ii) table, (iii) PPRM (positive polarity Reed-Muller forms), and (iv) 3-stage PPRM. A dedicated ASIC is developed and its power is measured on the standard evaluation board SASEBO-R. The results show that the S-box implementations have a significant impact on DPA resistance. The results are also compared with those of FPGA implementations to investigate the difference between the platforms.
    Circuit Theory and Design, 2009. ECCTD 2009. European Conference on; 09/2009
  • Conference Proceeding: Enhanced Correlation Power Analysis Using Key Screening Technique
    ABSTRACT: An enhanced CPA (correlation power analysis) attack which screens key candidates using correlation levels and ranking is proposed in this paper. An AES circuit is implemented on a Xilinx® FPGA on SASEBO (side-channel attack standard evaluation board) specifically designed for side-channel attack experiments, and the proposed attack is performed and compared to the standard CPA. As a result, the key screening technique successfully reduces the calculation time for handling 5,000 power traces by 26%. In addition to the accelerated computation, the accuracy of the key estimation is also improved.
    Reconfigurable Computing and FPGAs, 2008. ReConFig '08. International Conference on; 01/2009
  • Conference Proceeding: Systematic design of high-radix Montgomery multipliers for RSA processors
    ABSTRACT: The present paper proposes a systematic design approach to provide the optimal high-radix Montgomery multipliers for an RSA processor satisfying user requirements. We introduce three multiplier-based architectures using different intermediate-data forms, (i) single form, (ii) semi carry-save form, and (iii) carry-save form, and combine them with a wide variety of arithmetic components. Their radices are also parameterized from 2^8 to 2^64. A total of 202 designs for 1,024-bit RSA processors were obtained for each radix, and were synthesized using a 90-nm CMOS standard cell library. The smallest design of 0.9 Kgates with 137.8 ms/RSA to the fastest design of 1.8 ms/RSA at 74.7 Kgates were then obtained. In addition, the optimal design to meet the user requirements can be easily obtained from all the combinations. In addition to choosing the datapath architecture, the arithmetic component, and the radix parameters, the proposed systematic approach can also adopt other process technologies.
    Computer Design, 2008. ICCD 2008. IEEE International Conference on; 11/2008
  • Conference Proceeding: F-MRI analysis of the human brain activities during manual control of a nonholonomic system
    ABSTRACT: Humans can often conduct both linear and nonlinear control tasks after a sufficient number of trials, even if they initially do not have sufficient knowledge about the system's dynamics and the way to control it. Theoretically, it is well known that some nonlinear systems cannot be stabilized asymptotically by any linear controllers. However, such differences between linear and nonlinear controls from the viewpoint of brain activities are still unclear. In this paper, we have conducted an F-MRI experiment using complex nonlinear control tasks where subjects are required to control a 2-link planar underactuated manipulator (2PUAM). The 2PUAM has nonholonomic constraints and cannot be stabilized asymptotically by any linear controller. Although there are similar activations such as in motor cortex and somatosensory cortex, some differences between linear and nonlinear cases have been observed by the F-MRI. According to the brain function mapping, the result implies that some additional information such as the shape of the manipulator and its trajectory, which are not needed for linear control tasks, may be required to control the 2PUAM. Therefore, this suggests that the difference in linear and nonlinear control tasks can be observed through the brain activities.
    SICE Annual Conference, 2008; 09/2008
  • Conference Proceeding: High-Level Design of Multiple-Valued Arithmetic Circuits Based on Arithmetic Description Language
    ABSTRACT: This paper proposes a high-level design method of multiple-valued arithmetic circuits. The proposed method uses a cell-based approach with a dedicated hardware description language called ARITH. By using ARITH, we can describe and verify any binary/multiple-valued arithmetic circuits in a formal manner. The ARITH description can be transformed into a technology-dependent netlist in binary/multiple-valued fused logic. The process of transforming the netlist into a physical layout pattern is automatically performed by an off-the-shelf place-and-route tool. In this paper, we present a specific cell library containing a multiple-valued signed-digit adder and its related circuits with a 0.35-μm CMOS technology, and demonstrate that the proposed method can synthesize a 32×32-bit parallel multiplier in multiple-valued current-mode logic from an ARITH description.
    Multiple Valued Logic, 2008. ISMVL 2008. 38th International Symposium on; 06/2008
  • Conference Proceeding: Arithmetic module generator with algorithm optimization capability
    ABSTRACT: This paper presents an arithmetic module generator based on an arithmetic description language called ARITH. The use of ARITH makes it possible to describe a wide variety of arithmetic algorithms in a unified manner. The ARITH descriptions are formally verified in the generator even if the arithmetic algorithms include unconventional number systems for operands or internal variables. The proposed generator also optimizes arithmetic algorithms by using performance profiles derived from the previous generation. From these features, we can obtain high-performance arithmetic modules whose functions are completely verified at the algorithm level. In this paper, we demonstrate that the optimal prefix adders improved the performance of generated arithmetic modules such as multipliers in comparison with the standard prefix adders.
    Circuits and Systems, 2008. ISCAS 2008. IEEE International Symposium on; 06/2008
  • Conference Proceeding: High-performance ASIC implementations of the 128-bit block cipher CLEFIA
    ABSTRACT: In the present paper, we introduce high-performance hardware architectures for the 128-bit block cipher CLEFIA and evaluate their ASIC performances in comparison with the ISO/IEC 18033-3 standard block ciphers (AES, Camellia, SEED, CAST-128, MISTY1, and TDEA). We designed five types of hardware architectures for CLEFIA, combining two loop structures and three F-functions. These designs were synthesized with a 90-nm CMOS standard cell library, and size and speed performances were evaluated. The highest hardware efficiency (defined as throughput/gates) obtained was 400.96 Kbps/gates, which is 1.5 times higher than previously achieved efficiencies.
    Circuits and Systems, 2008. ISCAS 2008. IEEE International Symposium on; 06/2008
  • Conference Proceeding: Enhanced power analysis attack using chosen message against RSA hardware implementations
    ABSTRACT: SPA (simple power analysis) attacks against RSA cryptosystems are enhanced by using chosen-message scenarios. One of the most powerful chosen-message SPA attacks was proposed by Yen et al. in 2005, which can be applied to various algorithms and architectures, and can defeat the most popular SPA countermeasure using dummy multiplication. Special input values of -1 and a pair of -X and X can be used to identify squaring operations performed depending on key bit stream. However, no experimental result on actual implementation was reported. In this paper, we implemented some RSA processors on an FPGA platform and demonstrated that Yen's attack with a signal filtering technique clearly reveals the secret key information in the actual power waveforms.
    Circuits and Systems, 2008. ISCAS 2008. IEEE International Symposium on; 06/2008
  • Conference Proceeding: Application of symbolic computer algebra to arithmetic circuit verification
    ABSTRACT: This paper presents a formal approach to verify arithmetic circuits using symbolic computer algebra. Our method describes arithmetic circuits directly with high-level mathematical objects based on weighted number systems and arithmetic formulae. Such circuit description can be effectively verified by polynomial reduction techniques using Gröbner bases. In this paper, we describe how the symbolic computer algebra can be used to describe and verify arithmetic circuits. The advantageous effects of the proposed approach are demonstrated through experimental verification of some arithmetic circuits such as multiply-accumulator and FIR filter. The result shows that the proposed approach has a definite possibility of verifying practical arithmetic circuits where the conventional techniques failed.
    Computer Design, 2007. ICCD 2007. 25th International Conference on; 11/2007
  • Conference Proceeding: Computer aided diagnosis for pulmonary nodules by shape feature extraction
    ABSTRACT: In this paper, we propose a new diagnosis method of pulmonary nodules in CT images to reduce false positive (FP) rate for high true positive (TP) rate conditions. An essential core of the method is to extract two novel and effective features from the raw CT images: One is orientation features of nodules in a region of interest (ROI) extracted by a Gabor filter, while the other is variation of CT values of the ROI in the direction along body axis. By using the extracted features, a principal component analysis technique and neural network approaches are then used to discriminate between nodule and non-nodule images. Simulation results show that discrimination performance using the proposed features is extremely improved compared to that of the conventional method.
    SICE, 2007 Annual Conference; 10/2007
  • Conference Proceeding: DPA Using Phase-Based Waveform Matching against Random-Delay Countermeasure
    ABSTRACT: We propose differential power analysis (DPA) with a phase-based waveform matching technique. Conventionally, a trigger signal and a system clock are used to capture the waveform traces, but the signals always contain jitter-related deviations, and this degrades the accuracy of the statistical analysis. Our method can adjust for this timing deviation with a higher resolution than the sampling rate by post-processing on the measured waveforms. Therefore, no modification of the measuring equipment is required. Our method can also defeat DPA countermeasures creating distorted waveforms with random delays or dummy cycles. We implemented Data Encryption Standard (DES) software with and without the countermeasure on a Z80 microprocessor, and demonstrated the advantages of our method in comparison with a conventional attack.
    Circuits and Systems, 2007. ISCAS 2007. IEEE International Symposium on; 06/2007
  • Conference Proceeding: SPA against an FPGA-Based RSA Implementation with a High-Radix Montgomery Multiplier
    ABSTRACT: Simple power analysis (SPA) was applied to an RSA processor with a high-radix Montgomery multiplier on an FPGA platform, and the different characteristics of power waveforms caused by two types of multiplier (built-in and custom) were investigated in detail. The authors also applied an active attack where input data was set to a specific pattern to control the modular multiplication. The power dissipation for the multiplication was greatly reduced in comparison with modular squaring, resulting in success in revealing all of the secret key bits.
    Circuits and Systems, 2007. ISCAS 2007. IEEE International Symposium on; 06/2007
  • Conference Proceeding: A High-Performance ASIC Implementation of the 64-bit Block Cipher CAST-128
    ABSTRACT: The authors propose a compact hardware architecture for the 64-bit block cipher CAST-128, which is one of the ISO/IEC 18033-3 standard algorithms. Part of the complexity of CAST-128 is its use of various S-boxes in various sequences, and three types of f-function are switched depending on the round numbers. Therefore a large amount of hardware resources are required for a straightforward implementation. In order to create compact CAST-128 hardware, the authors minimized the number of S-box components, and merged the three f-functions into one arithmetic component. The CAST-128 hardware based on the proposed architecture was synthesized using 0.13-μm and 0.18-μm CMOS standard cell libraries and small, practical circuits of 26.4-39.5 Kgates and 189.9-614.7 Mbps were obtained.
    Circuits and Systems, 2007. ISCAS 2007. IEEE International Symposium on; 06/2007
  • Conference Proceeding: Formal Design of Decimal Arithmetic Circuits Using Arithmetic Description Language
    ABSTRACT: This paper presents a formal design of decimal arithmetic circuits using an arithmetic description language called ARITH. The use of ARITH makes possible (i) formal description of arithmetic algorithms including those using unconventional number systems, (ii) formal verification of described arithmetic algorithms, and (iii) translation of arithmetic algorithms to the equivalent HDL descriptions. In this paper, we demonstrate the potential of ARITH through an experimental design of binary coded decimal (BCD) arithmetic circuits.
    Intelligent Signal Processing and Communications, 2006. ISPACS '06. International Symposium on; 01/2007

Institutions

  • 2000–2012
    • Tohoku University
      • Department of Computer and Mathematical Sciences
      • Graduate School of Science
      • Graduate School of Engineering
      Sendai, Kagoshima-ken, Japan
  • 2005
    • Institute of Electrical and Electronics Engineers
      Washington, D. C., DC, USA