A survey in mathematics for industry: Two-timing and matched asymptotic expansions for singular perturbation problems

Following the derivation of amplitude equations through a new two-time-scale method [O'Malley, R. E., Jr. & Kirkinis, E (2010) A combined renormalization group-multiple scale method for singularly perturbed problems. Stud. Appl. Math. 124, 383-410], we show that a multi-scale method may often be preferable for solving singularly perturbed problems than the method of matched asymptotic expansions. We illustrate this approach with 10 singularly perturbed ordinary and partial differential equations. © 2011 Cambridge University Press.

Amplitude equations and asymptotic expansions for multi-scale problems

In this paper we introduce a new technique to obtain the slow-motion dynamics in nonequilibrium and singularly perturbed problems characterized by multiple scales. Our method is based on a straightforward asymptotic reduction of the order of the governing differential equation and leads to amplitude equations that describe the slowly-varying envelope variation of a uniformly valid asymptotic expansion. This may constitute a simpler and in certain cases a more general approach toward the derivation of asymptotic expansions, compared to other mainstream methods such as the method of Multiple Scales or Matched Asymptotic expansions because of its relation with the Renormalization Group. We illustrate our method with a number of singularly perturbed problems for ordinary and partial differential equations and recover certain results from the literature as special cases. © 2010 - IOS Press and the authors. All rights reserved.

Generalised cumulative arrays in secret sharing

Cumulative arrays have played an important role in the early development of the secret sharing theory. They have not been subject to extensive study so far, as the secret sharing schemes built on them generally result in much larger sizes of shares, when compared with other conventional approaches. Recent works in threshold cryptography show that cumulative arrays may be the appropriate building blocks in non-homomorphic threshold cryptosystems where the conventional secret sharing methods are generally of no use. In this paper we study several extensions of cumulative arrays and show that some of these extensions significantly improve the performance of conventional cumulative arrays. In particular, we derive bounds on generalised cumulative arrays and show that the constructions based on perfect hash families are asymptotically optimal. We also introduce the concept of ramp perfect hash families as a generalisation of perfect hash families for the study of ramp secret sharing schemes and ramp cumulative arrays.

Efficient one-time proxy signatures

One-time proxy signatures are one-time signatures for which a primary signer can delegate his or her signing capability to a proxy signer. In this work we propose two one-time proxy signature schemes with different security properties. Unlike other existing one-time proxy signatures that are constructed from public key cryptography, our proposed schemes are based one-way functions without trapdoors and so they inherit the communication and computation efficiency from the traditional one-time signatures. Although from a verifier point of view, signatures generated by the proxy are indistinguishable from those created by the primary signer, a trusted authority can be equipped with an algorithm that allows the authority to settle disputes between the signers. In our constructions, we use a combination of one-time signatures, oblivious transfer protocols and certain combinatorial objects. We characterise these new combinatorial objects and present constructions for them.

Efficient extension of standard Schnorr/RSA signatures into Universal Designated-Verifier Signatures

Universal Designated-Verifier Signature (UDVS) schemes are digital signature schemes with additional functionality which allows any holder of a signature to designate the signature to any desired designated-verifier such that the designated-verifier can verify that the message was signed by the signer, but is unable to convince anyone else of this fact. Since UDVS schemes reduce to standard signatures when no verifier designation is performed, it is natural to ask how to extend the classical Schnorr or RSA signature schemes into UDVS schemes, so that the existing key generation and signing implementation infrastructure for these schemes can be used without modification. We show how this can be efficiently achieved, and provide proofs of security for our schemes in the random oracle model.

Parallel authentication and public-key encryption

A parallel authentication and public-key encryption is introduced and exemplified on joint encryption and signing which compares favorably with sequential Encrypt-then-Sign (ɛtS) or Sign-then-Encrypt (Stɛ) schemes as far as both efficiency and security are concerned. A security model for signcryption, and thus joint encryption and signing, has been recently defined which considers possible attacks and security goals. Such a scheme is considered secure if the encryption part guarantees indistinguishability and the signature part prevents existential forgeries, for outsider but also insider adversaries. We propose two schemes of parallel signcryption, which are efficient alternative to Commit-then-Sign-and- Encrypt (Ct&G3&S). They are both provably secure in the random oracle model. The first one, called generic parallel encrypt and sign, is secure if the encryption scheme is semantically secure against chosen-ciphertext attacks and the signature scheme prevents existential forgeries against random-message attacks. The second scheme, called optimal parallel encrypt. and sign, applies random oracles similar to the OAEP technique in order to achieve security using encryption and signature components with very weak security requirements — encryption is expected to be one-way under chosen-plaintext attacks while signature needs to be secure against universal forgeries under random-plaintext attack, that is actually the case for both the plain-RSA encryption and signature under the usual RSA assumption. Both proposals are generic in the sense that any suitable encryption and signature schemes (i.e. which simply achieve required security) can be used. Furthermore they allow both parallel encryption and signing, as well as parallel decryption and verification. Properties of parallel encrypt and sign schemes are considered and a new security standard for parallel signcryption is proposed.

How to strengthen any weakly unforgeable signature into a strongly unforgeable signature

Standard signature schemes are usually designed only to achieve weak unforgeability – i.e. preventing forgery of signatures on new messages not previously signed. However, most signature schemes are randomised and allow many possible signatures for a single message. In this case, it may be possible to produce a new signature on a previously signed message. Some applications require that this type of forgery also be prevented – this requirement is called strong unforgeability. At PKC2006, Boneh Shen and Waters presented an efficient transform based on any randomised trapdoor hash function which converts a weakly unforgeable signature into a strongly unforgeable signature and applied it to construct a strongly unforgeable signature based on the CDH problem. However, the transform of Boneh et al only applies to a class of so-called partitioned signatures. Although many schemes fall in this class, some do not, for example the DSA signature. Hence it is natural to ask whether one can obtain a truly generic efficient transform based on any randomised trapdoor hash function which converts any weakly unforgeable signature into a strongly unforgeable one. We answer this question in the positive by presenting a simple modification of the Boneh-Shen-Waters transform. Our modified transform uses two randomised trapdoor hash functions.

An ideal and robust threshold RSA

We present a novel implementation of the threshold RSA. Our solution is conceptually simple, and leads to an easy design of the system. The signing key is shared in additive form, which is desirable for collaboratively performing cryptographic transformations, and its size, at all times, is logn, where n is the RSA modulus. That is, the system is ideal.

Experiences with control of evaporators using extensive vapour bleeding

FOR SUGAR factories with cogeneration plants major changes to the process stations have been undertaken to reduce the consumption of exhaust steam from the turbines and maximise the generated power. In many cases the process steam consumption has been reduced from greater than 52% on cane to ~40% on cane. The main changes have been to install additional evaporation area at the front of the set, operate the pan stages on vapour from No 1 or No 2 effects and undertake juice heating using vapour bleed from evaporators as far down the set as the penultimate stage. Operationally, one of the main challenges has been to develop a control system for the evaporators that addresses the objectives of juice processing rate (throughput) and steam economy, while producing syrup consistently at the required brix and providing an adequate and consistent vapour pressure for the pan stage operations. The cyclic demand for vapour by batch pans causes process disturbances through the evaporator set and these must be regulated in an effective manner to satisfy the above list of objectives for the evaporator station. The impact of the cyclic pan stage vapour demand has been modelled to define the impact on juice rate, steam economy, syrup brix and head space pressures in the evaporators. Experiences with the control schemes used at Pioneer and Rocky Point Mills are discussed. For each factory the paper provides information on (a) the control system used, the philosophy behind the control system and experiences in reaching the current system for control (b) the performance of the control system to handle the disturbances imposed by the pan stage and operate within other constraints of the factory (c) deficiencies in the current system and plans for further improvements. Other processing changes to boost the performance of the evaporators are also discussed.

Simulation of gas-phase nanoparticle dynamics in the plasma-enhanced chemical vapor deposition of carbon nanostructures

The results of 1D simulation of nanoparticle dynamics in the areas adjacent to nanostructured carbon-based films exposed to chemically active complex plasma of CH4 + H2 + Ar gas mixtures are presented. The nanoparticle-loaded near-substrate (including sheath and presheath) areas of a low-frequency (0.5 MHz) inductively coupled plasma facility for the PECVD growth of the ordered carbon-based nanotip structures are considered. The conditions allowing one to predict the size of particles that can pass through the plasma sheath and softly land onto the surface are formulated. The possibility of soft nano-cluster deposition without any additional acceleration common for some existing nano-cluster deposition schemes is demonstrated. The effect of the substrate heating power and the average atomic mass of neutral species is studied numerically and verified experimentally.

Dual Z-source inverter with three-level reduced common mode switching

This paper presents the design of a dual Z-source inverter that can be used with either a single dc source or two isolated dc sources. Unlike traditional inverters, the integration of a properly designed Z-source network and semiconductor switches to the proposed dual inverter allows buck-boost power conversion to be performed over a wide modulation range with three-level output waveforms generated. The connection of an additional transformer to the inverter ac output also allows all generic wye- or delta-connected loads with three-wire or four-wire configuration to be supplied by the inverter. Modulation-wise, the dual inverter can be controlled using a carefully designed carrier-based pulse-width modulation (PWM) scheme that always will ensure balanced voltage boosting of the Z-source network, while simultaneously achieving reduced common-mode switching. Because of the omission of dead-time delays in the dual inverter PWM scheme, its switched common-mode voltage can be completely eliminated, unlike in traditional inverters where narrow common-mode spikes are still generated. Under semiconductor failure conditions, the presented PWM schemes can easily be modified to allow the inverter to operate without interruption and for cases where two isolated sources are used, zero common-mode voltage can still be ensured. These theoretical findings together with the inverter practicality have been confirmed both in simulations using PSIM with Matlab/Simulink coupler and experimentally using a laboratory implemented inverter prototype.

Dual Z-source inverter with three-level reduced common-mode switching

This paper presents the design of a dual Z-source inverter that can be used with either a single dc source or two isolated dc sources. Unlike traditional inverters, the integration of a properly designed Z-source network and semiconductor switches to the proposed dual inverter allows buck-boost power conversion to be performed over a wide modulation range, with three-level output waveforms generated. The connection of an additional transformer to the inverter ac output also allows all generic wye-or delta-connected loads with three-wire or four-wire configuration to be supplied by the inverter. Modulationwise, the dual inverter can be controlled using a carefully designed carrier-based pulsewidth-modulation (PWM) scheme that will always ensure balanced voltage boosting of the Z-source network while simultaneously achieving reduced common-mode switching. Because of the omission of dead-time delays in the dual-inverter PWM scheme, its switched common-mode voltage can be completely eliminated, unlike in traditional inverters, where narrow common-mode spikes are still generated. Under semiconductor failure conditions, the presented PWM schemes can easily be modified to allow the inverter to operate without interruption, and for cases where two isolated sources are used, zero common-mode voltage can still be ensured. These theoretical findings, together with the inverter practicality, have been confirmed in simulations both using PSIM with Matlab/Simulink coupler and experimentally using a laboratory-implemented inverter prototype.

Keyword field-free conjunctive keyword searches on encrypted data and extension for dynamic groups

We consider the following problem: a user stores encrypted documents on an untrusted server, and wishes to retrieve all documents containing some keywords without any loss of data confidentiality. Conjunctive keyword searches on encrypted data have been studied by numerous researchers over the past few years, and all existing schemes use keyword fields as compulsory information. This however is impractical for many applications. In this paper, we propose a scheme of keyword field-free conjunctive keyword searches on encrypted data, which affirmatively answers an open problem asked by Golle et al. at ACNS 2004. Furthermore, the proposed scheme is extended to the dynamic group setting. Security analysis of our constructions is given in the paper.

On secure multi-party computation in black-box groups

We study the natural problem of secure n-party computation (in the passive, computationally unbounded attack model) of the n-product function f G (x 1,...,x n ) = x 1 ·x 2 ⋯ x n in an arbitrary finite group (G,·), where the input of party P i is x i  ∈ G for i = 1,...,n. For flexibility, we are interested in protocols for f G which require only black-box access to the group G (i.e. the only computations performed by players in the protocol are a group operation, a group inverse, or sampling a uniformly random group element). Our results are as follows. First, on the negative side, we show that if (G,·) is non-abelian and n ≥ 4, then no ⌈n/2⌉-private protocol for computing f G exists. Second, on the positive side, we initiate an approach for construction of black-box protocols for f G based on k-of-k threshold secret sharing schemes, which are efficiently implementable over any black-box group G. We reduce the problem of constructing such protocols to a combinatorial colouring problem in planar graphs. We then give two constructions for such graph colourings. Our first colouring construction gives a protocol with optimal collusion resistance t < n/2, but has exponential communication complexity O(n*2t+1^2/t) group elements (this construction easily extends to general adversary structures). Our second probabilistic colouring construction gives a protocol with (close to optimal) collusion resistance t < n/μ for a graph-related constant μ ≤ 2.948, and has efficient communication complexity O(n*t^2) group elements. Furthermore, we believe that our results can be improved by further study of the associated combinatorial problems.

Universal designated-verifier signatures

Motivated by privacy issues associated with dissemination of signed digital certificates, we define a new type of signature scheme called a ‘Universal Designated-Verifier Signature’ (UDVS). A UDVS scheme can function as a standard publicly-verifiable digital signature but has additional functionality which allows any holder of a signature (not necessarily the signer) to designate the signature to any desired designated-verifier (using the verifier’s public key). Given the designated-signature, the designated-verifier can verify that the message was signed by the signer, but is unable to convince anyone else of this fact. We propose an efficient deterministic UDVS scheme constructed using any bilinear group-pair. Our UDVS scheme functions as a standard Boneh-Lynn-Shacham (BLS) signature when no verifier-designation is performed, and is therefore compatible with the key-generation, signing and verifying algorithms of the BLS scheme. We prove that our UDVS scheme is secure in the sense of our unforgeability and privacy notions for UDVS schemes, under the Bilinear Diffie-Hellman (BDH) assumption for the underlying group-pair, in the random-oracle model. We also demonstrate a general constructive equivalence between a class of unforgeable and unconditionally-private UDVS schemes having unique signatures (which includes the deterministic UDVS schemes) and a class of ID-Based Encryption (IBE) schemes which contains the Boneh-Franklin IBE scheme but not the Cocks IBE scheme.