Showing papers in "IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences in 2010"
TL;DR: A scan-based side-channel attack which enables us to retrieve a secret key in an RSA circuit based on detecting intermediate values calculated inAn RSA circuit by monitoring a 1-bit time-sequence specific to some intermediate values.
Abstract: Scan-based side-channel attacks retrieve a secret key in a cryptography circuit by analyzing scanned data. Since they must be considerable threats to a cryptosystem LSI, we have to protect cryptography circuits from them. RSA is one of the most important cryptography algorithms because it effectively realizes a public-key cryptography system. RSA is extensively used but conventional scan-based side-channel attacks cannot be applied to it because it has a complicated algorithm. This paper proposes a scan-based side-channel attack which enables us to retrieve a secret key in an RSA circuit. The proposed method is based on detecting intermediate values calculated in an RSA circuit. We focus on a 1-bit time-sequence which is specific to some intermediate values. By monitoring the 1-bit time-sequence in the scan path, we can find out the register position specific to the intermediate value and we can know whether this intermediate value is calculated or not in the target RSA circuit. We can retrieve a secret key one-bit by one-bit from MSB to LSB. The experimental results demonstrate that a 1,024-bit secret key used in the target RSA circuit can be retrieved using 30.2 input messages within 98.3 seconds and its 2,048-bit secret key can be retrieved using 34.4 input within 634.0 seconds.
77 citations
TL;DR: This paper describes an algorithm for Successive Approximation Register (SAR) ADCs with overlapping steps that allow comparison decision errors to be digitally corrected, and shows that the sampling speed of an SAR ADC using this algorithm can be faster than that of a conventional binary-search SAR ADC.
Abstract: This paper describes an algorithm for Successive Approximation Register (SAR) ADCs with overlapping steps that allow comparison decision errors (due to, such as DAC incomplete settling) to be digitally corrected. We generalize this non-binary search algorithm, and clarify which decision errors it can digitally correct. This algorithm requires more SAR ADC conversion steps than a binary search algorithm, but we show that the sampling speed of an SAR ADC using this algorithm can be faster than that of a conventional binary-search SAR ADC—because the latter must wait for the settling time of the DAC inside the SAR ADC.
52 citations
TL;DR: A new active element the Current Follower Transconductance Amplifier (CFTA) for the realization of the current-mode analog blocks is presented and the advantage of the structure presented is that the outputs of the filter are at high impedance and hence it is not necessary to use other auxiliary active elements.
Abstract: In this letter a new active element the Current Follower Transconductance Amplifier (CFTA) for the realization of the current-mode analog blocks is presented. The element is a combination of the Current Follower (CF) and the Balanced Output Transconductance Amplifier (BOTA). Possible internal structure of the CFTA is presented. The usage of the new active element is shown on the design of the Kerwin-Huelsman-Newcomb (KHN) structure working in the current mode. The frequency filter using the CFTA elements has been designed using the signal-flow graphs. The circuit structure employs three CFTA elements and two grounded passive elements. The filter enables realizing not only the basic functions as the low- (LP), band- (BP) and high-pass (HP) but also the notch and all-pass (AP) filter. The advantage of the structure presented is that the outputs of the filter are at high impedance and hence it is not necessary to use other auxiliary active elements. The properties of the filter proposed were verified by sensitivity and AC analyses in the PSPICE program.
45 citations
TL;DR: It is shown that a typical software implementation of NTRU is vulnerable to the simple power analysis and the correlation power analysis including a second-order power attack.
Abstract: The NTRU cryptosystem is a public key system based on lattice problems. While its theoretical security has been well studied, little effort has been made to analyze its security against implementation attacks including power analysis attacks. In this paper, we show that a typical software implementation of NTRU is vulnerable to the simple power analysis and the correlation power analysis including a second-order power attack. We also present novel countermeasures to prevent these attacks, and perform experiments to estimate the performance overheads of our countermeasures. According to our experimental results, the overheads in required memory and execution time are only 8.17% and 9.56%, respectively, over a Tmote Sky equipped with an MSP430 processor.
41 citations
TL;DR: This paper considers replacement and maintenance policies for an operating unit which works at random times for jobs, and an optimal policy which minimizes the expected cost rate is derived analytically.
Abstract: This paper considers replacement and maintenance policies for an operating unit which works at random times for jobs. The unit undergoes minimal repairs at failures and is replaced at a planned time T or at a number N of working times, whichever occurs first. The expected cost rate is obtained, and an optimal policy which minimizes it is derived analytically. The imperfect preventive maintenance (PM) model, where the unit is improved by PM after the completion of each working time, is analyzed. Furthermore, when the work of a job incurs some damage to the unit, the replacement model with number N is proposed. The expected cost rate is obtained by using theory of cumulative processes. Two modified models, where the unit is replaced at number N or at the first completion of the working time over time T, and it is replaced at T or number N, whichever occurs last, are also proposed. Finally, when the unit is replaced at time T, number N or Kth failure, whichever occurs first, the expected cost rate is also obtained.
36 citations
TL;DR: A class of features that are robust to the tilt of the attached sensor module and a state transition model suitable for HMM-based activity recognition are presented and shows significant improvements in recognition experiments over a variety of human activity DB.
Abstract: In this letter, we propose a novel approach to human activity recognition. We present a class of features that are robust to the tilt of the attached sensor module and a state transition model suitable for HMM-based activity recognition. In addition, postprocessing techniques are applied to stabilize the recognition results. The proposed approach shows significant improvements in recognition experiments over a variety of human activity DB.
36 citations
TL;DR: Three methods of density ratio estimation are considered and it is proved that when the numerator and denominator densities are known to be members of the exponential family, (C) is better than (A) and (B), which would be the most promising approach in practical situations where no exact model is available.
Abstract: Density ratio estimation has gathered a great deal of attention recently since it can be used for various data processing tasks. In this paper, we consider three methods of density ratio estimation: (A) the numerator and denominator densities are separately estimated and then the ratio of the estimated densities is computed, (B) a logistic regression classifier discriminating denominator samples from numerator samples is learned and then the ratio of the posterior probabilities is computed, and (C) the density ratio function is directly modeled and learned by minimizing the empirical Kullback-Leibler divergence. We first prove that when the numerator and denominator densities are known to be members of the exponential family, (A) is better than (B) and (B) is better than (C). Then we show that once the model assumption is violated, (C) is better than (A) and (B). Thus in practical situations where no exact model is available, (C) would be the most promising approach to density ratio estimation.
34 citations
TL;DR: The parasitics of the pad can be modeled from the L-2L through-line and measurement results of the transmission lines and transistors can be de-embedded by subtracting the parasitic matrix of the pads.
Abstract: SUMMARY An L-2L through-line de-embedding method has been verified up to millimeter wave frequency. The parasitics of the pad can be modeled from the L-2L through-line. Measurement results of the transmission lines and transistors can be de-embedded by subtracting the parasitic matrix of the pad. Therefore, the de-embedding patterns, which is used for modeling active and passive devices, decrease greatly and the chip area also decreases. A one-stage amplifier is firstly implemented for helping verifying the de-embedding results. After that a four-stage 60 GHz amplifier has been fabricated in CMOS 65 nm process. Experimental results show that the four-stage amplifier realizes an input matching better than −10.5 dB and an output matching better than −13 dB at 61 GHz. A small signal power gain of 16.4 dB and a 1 dB output compression point of 4.6 dBm are obtained with a DC current consumption of 128 mA from a 1.2 V power supply. The chip size is 1. 5m m× 0.85 mm.
32 citations
TL;DR: The characteristic properties of the logistic map over integers are shown and the sequences generated by the map are discussed and compared to real domains with infinite precision.
Abstract: The logistic map is a chaotic mapping. Although several studies have examined logistic maps over real domains with infinite/finite precisions, there has been little analysis of the logistic map over integers. Focusing on differences between the logistic map over the real domain with infinite precision and the logistic map over integers with finite precision, we herein show the characteristic properties of the logistic map over integers and discuss the sequences generated by the map.
29 citations
TL;DR: This paper shows that the encoder of a Slepian-Wolf code cannot be used as a hash function for the privacy amplification if the authors employ the strong security criterion.
Abstract: Privacy amplification is a technique to distill a secret key from a random variable by a function so that the distilled key and eavesdropper's random variable are statistically independent. There are three kinds of security criteria for the key distilled by privacy amplification: the normalized divergence criterion, which is also known as the weak security criterion, the variational distance criterion, and the divergence criterion, which is also known as the strong security criterion. As a technique to distill a secret key, it is known that the encoder of a Slepian-Wolf (the source coding with full side-information at the decoder) code can be used as a function for privacy amplification if we employ the weak security criterion. In this paper, we show that the encoder of a Slepian-Wolf code cannot be used as a function for privacy amplification if we employ the criteria other than the weak one.
28 citations
TL;DR: The maximum partial Hamming correlation lower bounds of frequency hopping sequences with low hit zone are established and the new bounds include the known Lempel-Greenberger bound, Peng-Fan bounds, Eun-Jin-Hong-Song bound and Peng- fan-Lee bounds as special cases.
Abstract: In order to evaluate the goodness of frequency hopping sequence design, the periodic Hamming correlation function is used as an important measure. Usually, the length of correlation window is shorter than the period of the chosen frequency hopping sequence, so the study of the partial Hamming correlation of frequency hopping sequence is particularly important. In this paper, the maximum partial Hamming correlation lower bounds of frequency hopping sequences with low hit zone, with respect to the size of the frequency slot set, the length of correlation window, the family size, the low hit zone, the maximum partial Hamming autocorrelation and the maximum partial Hamming crosscorrelation are established. It is shown that the new bounds include the known Lempel-Greenberger bound, Peng-Fan bounds, Eun-Jin-Hong-Song bound and Peng-Fan-Lee bounds as special cases.
TL;DR: A novel theoretical synthesis method of the neuron for application to spike-pattern division multiplex communications in an artificial pulse-coupled neural network is presented and fundamental comparisons to existing impulse radio sequence design methods are given.
Abstract: A digital spiking neuron is a wired system of shift registers that can generate spike-trains having various spike patterns by adjusting the wiring pattern between the registers. Inspired by the ultra-wideband impulse radio, a novel theoretical synthesis method of the neuron for application to spike-pattern division multiplex communications in an artificial pulse-coupled neural network is presented. Also, a novel heuristic learning algorithm of the neuron for realization of better communication performances is presented. In addition, fundamental comparisons to existing impulse radio sequence design methods are given.
TL;DR: It is shown that the adaptive projected subgradient method (Yamada, 2003) realizes the multi-domain adaptive learning by employing a projected gradient operator with respect to a 'fixed' proximity function reflecting the time-invariant specifications.
Abstract: We propose the multi-domain adaptive learning that enables us to find a point meeting possibly time-varying specifications simultaneously in multiple domains, e.g. space, time, frequency, etc. The novel concept is based on the idea of feasibility splitting—dealing with feasibility in each individual domain. We show that the adaptive projected subgradient method (Yamada, 2003) realizes the multi-domain adaptive learning by employing (i) a projected gradient operator with respect to a 'fixed' proximity function reflecting the time-invariant specifications and (ii) a subgradient projection with respect to 'time-varying' objective functions reflecting the time-varying specifications. The resulting algorithm is suitable for real-time implementation, because it requires no more than metric projections onto closed convex sets each of which accommodates the specification in each domain. A convergence analysis and numerical examples are presented.
TL;DR: The built-in determined sub-key correlation power analysis (BS-CPA) as discussed by the authors was proposed to increase the signal-to-noise ratio (SNO) in CPA.
Abstract: Correlation power analysis (CPA) is a well-known attack against cryptographic modules with which an attacker evaluates the correlation between the power consumption and the sensitive data candidates calculated from a guessed sub-key and known data such as plaintexts and ciphertexts. This paper enhances CPA to propose a new general power analysis, built-in determined sub-key CPA (BS-CPA), which finds a new sub-key by using the previously determined sub-keys recursively to compute the sensitive data candidates and to increase the signal-to-noise ratio in its analysis. BS-CPA also reuses the power traces in the repetitions of finding sub-keys to decrease the total number of the required traces for determining the all sub-keys. BS-CPA is powerful and effective when the multiple sensitive data blocks such as sbox outputs are processed simultaneously as in the hardware implementation. We apply BS-CPA to the power traces provided at the DPA contest and succeed in finding a DES key using fewer traces than the original CPA does.
TL;DR: A gate delay estimation method that takes into account dynamic power supply noise and overcomes the problems with iterative computations and consideration of input voltage drop is presented.
Abstract: This paper presents a gate delay estimation method that takes into account dynamic power supply noise We review STA based on static IR-drop analysis and a conventional method for dynamic noise waveform, and reveal their limitations and problems that originate from circuit structures and higher delay sensitivity to voltage in advanced technologies We then propose a gate delay computation that overcomes the problems with iterative computations and consideration of input voltage drop Evaluation results with various circuits and noise injection timings show that the proposed method estimates path delay fluctuation well within 1% error on average
TL;DR: An alternative definition of the smooth Renyi entropy of order zero is introduced, and a unified approach to present the fixed-length coding rate in terms of this information quantity is shown.
Abstract: This paper establishes a new unified method for fixed-length source coding problems of general sources. Specifically, we introduce an alternative definition of the smooth Renyi entropy of order zero, and show a unified approach to present the fixed-length coding rate in terms of this information quantity. Our definition of the smooth Renyi entropy has a clear operational meaning, and hence is easy to calculate for finite block lengths. Further, we represent various e-source coding rate and the strong converse property for general sources in terms of the smooth Renyi entropy, and compare them with the results obtained by Han and Renner et al.
TL;DR: This letter suggests a novel high capacity robust audio watermarking algorithm by using the high frequency band of the wavelet decomposition, for which the human auditory system (HAS) is not very sensitive to alteration.
Abstract: This letter suggests a novel high capacity robust audio watermarking algorithm by using the high frequency band of the wavelet decomposition, for which the human auditory system (HAS) is not very sensitive to alteration. The main idea is to divide the high frequency band into frames and then, for embedding, the wavelet samples are changed based on the average of the relevant frame. The experimental results show that the method has very high capacity (about 5.5 kbps), without significant perceptual distortion (ODG in [―1, 0] and SNR about 33 dB) and provides robustness against common audio signal processing such as added noise, filtering, echo and MPEG compression (MP3).
TL;DR: A robust state observer for multi-input multi-output LTI systems is proposed and the existence condition is shown to be the same as that of the proportional-integral (PI) observer.
Abstract: This paper proposes a robust state observer for multi-input multi-output LTI systems. Unknown inputs of polynomial form and high-frequency measurement noises are considered in the system model. The unknown inputs and the noises are not in the same form. Multiple integrations of both the observer error signal and the measurement output are used for the observer design. The existence condition of the proposed observer is shown to be the same as that of the proportional-integral (PI) observer. Computer simulations show the effectiveness of the proposed observer.
TL;DR: In this paper, the authors present the Mac Williams identity for the m-spotty weight enumerator of m-Spotty byte error control codes, which is defined as random t-bit errors within a byte of length b bits.
Abstract: M-spotty byte error control codes are very effective for correcting/detecting errors in semiconductor memory systems that employ recent high-density RAM chips with wide I/O data (e.g., 8, 16, or 32 bits). In this case, the width of the I/O data is one byte. A spotty byte error is defined as random t-bit errors within a byte of length b bits, where 1 ≤ t < b. Then, an error is called an m-spotty byte error if at least one spotty byte error is present in a byte. M-spotty byte error control codes are characterized by the m-spotty distance, which includes the Hamming distance as a special case for t = 1 or t = b. The Mac Williams identity provides the relationship between the weight distribution of a code and that of its dual code. The present paper presents the Mac Williams identity for the m-spotty weight enumerator of m-spotty byte error control codes. In addition, the present paper clarifies that the indicated identity includes the Mac Williams identity for the Hamming weight enumerator as a special case.
TL;DR: A novel construction of complementary sequences with multi-width zero cross-correlation zone (ZCCZ) is presented based on the interleaving iteration of a basic kernel set, which allows a more flexible choice of sequence parameters.
Abstract: A novel construction of complementary sequences with multi-width zero cross-correlation zone (ZCCZ) is presented based on the interleaving iteration of a basic kernel set. The presented multi-width ZCCZ complementary (MWZC) sequences can be divided into multiple sequence groups, the correlation functions of which possess one-width intragroup ZCCZ and multi-width intergroup ZCCZ. When an arbitrary orthogonal sequence set with set size equal to sequence length is used as a basic kernel set, the constructed MWZC sequence set and the combination sets of specific subsets with each subset including several groups can be optimal with respect to the theoretical bound on set size. In addition, the MWZC sequence set includes complementary sequence sets with one-width or two-width ZCCZ as special subsets, and allows a more flexible choice of sequence parameters.
TL;DR: A multi-pass sandbox analysis with a controlled Internet connection is proposed and it is confirmed that a noticeable number of IP scans, vulnerability exploitations, and DoS attacks are successfully contained in the sandbox.
Abstract: Malware sandbox analysis, in which a malware sample is actually executed in a testing environment (i.e. sandbox) to observe its behavior, is one of the promising approaches to tackling the emerging threats of exploding malware. As a lot of recent malware actively communicates with remote hosts over the Internet, sandboxes should also support an Internet connection, otherwise important malware behavior may not be observed. In this paper, we propose a multi-pass sandbox analysis with a controlled Internet connection. In the proposed method, we start our analysis with an isolated sandbox and an emulated Internet that consists of a set of dummy servers and hosts that run vulnerable services, called Honeypots in the Sandbox (HitS). All outbound connections from the victim host are closely inspected to see if they could be connected to the real Internet. We iterate the above process until no new behaviors are observed. We implemented the proposed method in a completely automated fashion and evaluated it with malware samples recently captured in the wild. Using a simple containment policy that authorizes only certain application protocols, namely, HTTP, IRC, and DNS, we were able to observe a greater variety of behaviors compared with the completely isolated sandbox. Meanwhile, we confirmed that a noticeable number of IP scans, vulnerability exploitations, and DoS attacks are successfully contained in the sandbox. Additionally, a brief comparison with two existing sandbox analysis systems, Norman Sandbox and CWSandbox, are shown.
TL;DR: This paper proposes a revocable scheme with signing and verifying of O(1) complexity, where any update of secret key is not required, and extends it to the scheme with O( VN)-size public key, where signing and verify have constant extra costs.
Abstract: Lots of revocable group signature schemes have been proposed so far. In one type of revocable schemes, signing and/or verifying algorithms have O(N) or O(R) complexity, where N is the group size and R is the number of revoked members. On the other hand, in Camenisch-Lysyanskaya scheme and the followers, signing and verifying algorithms have O(1) complexity. However, before signing, the updates of the secret key are required. The complexity is O(R) in the worst case. In this paper, we propose a revocable scheme with signing and verifying of O(1) complexity, where any update of secret key is not required. The compensation is the long public key of O(N). In addition, we extend it to the scheme with O( VN)-size public key, where signing and verifying have constant extra costs.
TL;DR: A stronger eavesdropping model where the eavesdroppers possess the ability to re-select the tapping links during the transmission is considered, and a proof is given for the impossibility of attaining universal security against such adversaries using Silva et al.'s code.
Abstract: Silva et al. proposed a universal secure network coding scheme based on MRD codes, which can be applied to any underlying network code. This paper considers a stronger eavesdropping model where the eavesdroppers possess the ability to re-select the tapping links during the transmission. We give a proof for the impossibility of attaining universal security against such adversaries using Silva et al.'s code for all choices of code parameters, even with a restricted number of tapped links. We also consider the cases with restricted tapping duration and derive some conditions for this code to be secure.
TL;DR: The Fuzzy Directional filter is presented to remove impulse noise from corrupted colour images and simulation results have shown that the restoration performance is better in comparison with other known filters.
Abstract: We present the Fuzzy Directional (FD) filter to remove impulse noise from corrupted colour images. Simulation results have shown that the restoration performance is better in comparison with other known filters.
TL;DR: It is shown that multi-edge type LDPC (MET-LDPC) codes are generalized structured LDPC codes introduced by Richardson and Urbanke and that the parameter corresponding λ′(0)ρ′(1) appearing in the conditions for MET-LD PC codes is given by the spectral radius of the matrix defined by extended degree distributions.
Abstract: The multi-edge type LDPC codes, introduced by Richardson and Urbanke, present the general class of structured LDPC codes. In this paper, we derive the average weight distributions of the multi-edge type LDPC code ensembles. Furthermore, we investigate the asymptotic exponential growth rate of the average weight distributions and investigate the connection to the stability condition of the density evolution.
TL;DR: It is shown that the generalized Gray image of a linear length-N (1-ut)-cyclic code over $\F_q[u]/\gen{u^{t+1}}$ is a distance-invariantlinear length-qtN quasi- cyclic code of index qt / p over $\f_q$.
Abstract: A generalized Gray map for codes over the ring $\F_q[u]/\gen{u^{t+1}}$ is introduced, where q = pm is a prime power. It is shown that the generalized Gray image of a linear length-N (1-ut)-cyclic code over $\F_q[u]/\gen{u^{t+1}}$ is a distance-invariant linear length-qtN quasi-cyclic code of index qt / p over $\F_q$. It turns out that if (N, p)=1 then every linear code over $\F_q$ that is the generalized Gray image of a length-N cyclic code over $\F_q[u]/\gen{u^{t+1}}$, is also equivalent to a linear length-qtN quasi-cyclic code of index qt/p over $\F_q$. The relationship between linear length-pN cyclic codes with (N, p)=1 over $\F_p$ and linear length-N cyclic codes over $\F_p+u\F_p$ is explicitly determined.
TL;DR: Comparison of symbol error probability (SEP) versus signal-to-noise ratio (SNR) between soft and hard decoding using integer coded modulation shows that at least 2dB coding gain can be obtained.
Abstract: Integer codes are very flexible and can be applied in different modulation schemes. A soft decoding algorithm for integer codes will be introduced. Comparison of symbol error probability (SEP) versus signal-to-noise ratio (SNR) between soft and hard decoding using integer coded modulation shows us that we can obtain at least 2dB coding gain. Also, we shall compare our results with trellis coded modulation (TCM) because of their similar decoding schemes and complexity.
TL;DR: This work provides two new necessary conditions for feedback functions of NFSRs with period 2n to be maximum length and focuses on two extreme cases where k = 4 and k = 2n-1.
Abstract: Feedback shift registers are basic building blocks for many cryptographic primitives. Due to the insecurities of Linear Feedback Shift Register (LFSR) based systems, the use of Nonlinear Feedback Shift Registers (NFSRs) became more popular. In this work, we study the feedback functions of NFSRs with period 2n. First, we provide two new necessary conditions for feedback functions to be maximum length. Then, we consider NFSRs with k-monomial feedback functions and focus on two extreme cases where k = 4 and k = 2n-1. We study construction methods for these special cases.
TL;DR: A new dimension of soft decoding turbo-like multi-stage threshold decoding for self-orthogonal convolutional codes (SOCCs) and gives 0.20 dB more coding gain compared to MTD for equivalent SOCCs at the bit error rate less than 10-4.
Abstract: This paper describes a least complex, high speed decoding method named multi-stage threshold decoding (MTD-DR). Each stage of MTD-DR is formed by the traditional threshold decoder with a special shift register, called difference register (DR). After flipping each information bit, DR helps to shorten the Hamming and the Euclidian distance between a received word and the decoded codeword for hard and soft decoding, respectively. However, the MTD-DR with self-orthogonal convolutional codes (SOCCs), type 1 in this paper, makes an unavoidable error group, which depends on the tap connection patterns in the encoder, and limits the error performance. This paper introduces a class of SOCCs type 2 which can breakdown that error group, as a result, MTD-DR gives better error performance. For a shorter code (code length =4200), hard and soft decoding MTD-DR achieves 4.7dB and 6.5dB coding gain over the additive white Gaussian noise (AWGN) channel at the bit error rate (BER) 10-5, respectively. In addition, hard and soft decoding MTD-DR for a longer code (code length =80000) give 5.3dB and 7.1dB coding gain under the same condition, respectively. The hard and the soft decoding MTD-DR experiences error flooring at high Eb/N0 region. For improving overall error performance of MTD-DR, this paper proposes parity check codes concatenation with soft decoding MTD-DR as well.
TL;DR: A new Pedestrian-Vehicular Collision Avoidance Support System (P-VCASS) is proposed which extends VCASS and shows the validity of the proposed system by experiments using some vehicles.
Abstract: In recent years, researchers have studied extensively about vehicle collision avoidance. The authors have developed Vehicular Collision Avoidance Support System (VCASS) based on IVC in order to prevent a vehicular collision beforehand. The system grasps the relative locations of vehicles by exchanging the GPS information in each vehicle. Then the system warns drivers if it detects some danger of collision. VCASS can drastically reduce the potential accidents of vehicular collisions. However, VCASS can not avoid collisions between vehicles and pedestrians, but avoid collisions just between vehicles. About 30% of fatal accidents by vehicles are happened with pedestrians in Japan. So it is necessary to develop a new system for pedestrians. This paper deals with collision avoidance between pedestrians and vehicles. There are two problems to develop such system. First it is necessary to reduce the power consumption of the pedestrian terminal, because pedestrian terminals have small-sized battery compared with vehicles. Second it is necessary to consider the movement characteristic of the pedestrian. In this paper, we propose a new Pedestrian-Vehicular Collision Avoidance Support System (P-VCASS) which extends VCASS. P-VCASS solves above two problems. We show the validity of the proposed system by experiments using some vehicles.