Asrul H. Yaacob scite author profile

Despite many advantages of Identity-based Public Key Cryptography (ID-PKC) in removing the certificates of public key over traditional Public Key Infrastructure (PKI), there are some problems related to key escrow property and the need for a secure channel to transmit the private key to the user. A Certificateless Public Key Cryptography (CL-PKC) retains the efficiency of ID-PKC while it solves the key escrow problem and does not need a certificate. The requirement of the infrastructure of the CL-PKC is to transmit the partial key to the user. Therefore, a partial key issuing mechanism is needed to deliver the partial key to the user through a secure channel. In this paper, a new algorithm for partial private key transmission is proposed which uses a simple blinding technique and user chosen secret value to eliminate secure channel problem. The proposed scheme is secure under the hardness assumption of Diffie-Hellman problem. I. INTRODUCTIONOne of the main issues in any systems that generate public and private keys for the user is the binding between public and private keys and the means of verifying these keys. In traditional public key infrastructure (PKI), this is achieved through the use of certificates. In traditional PKI, public and private key can be generated at the same time. Thus, the key pair can be generated by a Certificate Authority (CA) or by user and the integrity of the public key is protected by a certificate issued by the CA. But, one of the difficulties in traditional PKI is certificate revocation. To simplify revocation, Gentry [1] proposed the concept of Certificate-Based Encryption (CBE).According to [1], in CBE, public key generated by a user is authenticated by a certificate issued by CA. A certificate is a digital document signed by CA which binds a public key to a specific user. It provides explicit authentication since the authenticity of the public key can be convinced by anyone verifying the certificate. Any participant who wants to use other entity's public key must first verify the certificate in order to check the authenticity of the public key. So, each user has to retrieve, verify and store the certificates of all users that he is communicating with which requires a large amount of storage and communication and computation. In this model, each entity's private key consist of two components: the first component is a secret or private component that entity choose for itself and keeps it private; and the second component which is issued by CA over a public channel.

show abstract

Network performance testing on VM based autonomous web server

Mas'ud

Yaacob

Ahmad

2006

View full text Add to dashboard Cite

As online services increasingly play vital roles in modern society, the possibilities and opportunities offered are limitless, unfortunately, so too are the risks and chances of malicious intrusions. Intrusion Detection Systems (IDSs) has been widely used as an important component in protecting online service towards web attacks and evasions. Yet, today's architectures for intrusion detection force the IDS designer to make a difficult choice to place IDS, so that it can protect itself from a direct attack. To address these challenges, this paper introduces a novel framework to safeguard IDS from a direct attack. Simply called Zero Administrative Server (ZAS), the system incorporates IDS in a Virtual Machine (VM) environment. VM offers strong isolation for IDS from the monitored services and provides significant resistance to malicious attacks. Moreover, this VM based WWW server has the ability to monitor the network traffic to the running services; analyse the information obtained and detect the intrusion; alienate the intruder from the services; and reconstruct the corrupted data or damaged files caused by the evasion. In this paper, we demonstrate ZAS by exposing it to several attacking tools as well as to show the effects it takes on the network performance in terms of TCP throughput and application-to-application round trip time.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Asrul H. Yaacob

ARIMA Based Network Anomaly Detection

End to End Ipsec Support across Ipv4/Ipv6 Translation Gateway

Comparative Analysis and Implementation of Certificateless Based Authentication Scheme

Secure partial secret key issuing in Certificateless Public Key Infrastructure

Network performance testing on VM based autonomous web server

Contact Info

Product

Resources

About