K. P. Chow

Efficient Forward and Provably Secure ID-Based Signcryption Scheme with Public Verifiability and Public Ciphertext Authenticity

Boyen [7] gave the first identity-based (ID-based) signcryption scheme that is forward secure, publicly verifiable as well as provably secure. However, his scheme aims at providing ciphertext unlinkability and anonymity which is not a desirable property in applications such as authentication of encrypted messages by firewalls [11], where any third party should be able to verify the origin of the ciphertext without knowing the content of the message and getting any help from the intended recipient. This requirement is referred as public ciphertext authenticity. In this paper, we give another ID-based signcryption scheme that can provide public ciphertext authenticity and is forward and provably secure as well as publicly verifiable. Our scheme is modified from Libert and Quisquater’s ID-based signcryption scheme [16] and the efficiency of our scheme is comparable to other previous ID-based signcryption schemes.

Two improved partially blind signature schemes from bilinear pairings

A blind signature scheme is a protocol for obtaining a digital signature from a signer, but the signer can neither learn the messages he/she sign nor the signatures the recipients obtain afterwards. Partially blind signature is a variant such that part of the message contains pre-agreed information (agreed by the signer and the signature requester) in unblinded form, while threshold blind signature distributes the signing power to a group of signers such that a signature can only be produced by interacting with a predetermined numbers of signers. In this paper, we propose a threshold partially blind signature scheme from bilinear pairings and an ID-based partially blind signature scheme, which are provably secure in the random oracle model. To the best of authors’ knowledge, we give the first discussion on these two notions.

Security Issues and Challenges for Cyber Physical System

In this paper, we investigate the security challenges and issues of cyber-physical systems. (1)We abstract the general workflow of cyber physical systems, (2)identify the possible vulnerabilities, attack issues, adversaries characteristics and a set of challenges that need to be addressed, (3)then we also propose a context-aware security framework for general cyber-physical systems and suggest some potential research areas and problems.

Secure Hierarchical Identity Based Signature and Its Application

At EUROCRYPT 2004, Boneh and Boyen [5] proposed a new hierarchical identity-based (ID-based) encryption (HIBE) scheme provably selective-ID secure without random oracles. In this paper we propose a new hierarchical ID-based signature that shares the same system parameters with their hierarchical ID-based encryption scheme (BB-HIBE). BB-HIBE and our signature scheme yield a complete ID-based public key cryptosystem. To the best of the authors’ knowledge, our scheme is the first provably secure hierarchical ID-based signature scheme (HIBS) and is also the first ID-based signature scheme working with the BB-HIBE. The scheme is provably secure against existential forgery for selective-ID, adaptive chosen-message-and-identity attack (EF-sID-CMIA) in the random oracle model, and have a good exact security under adaptive chosen-message attack. As a bonus result, we extend our HIBS scheme into a new forward-secure signature scheme.

IDR: an intrusion detection router for defending against distributed denial-of-service (DDoS) attacks

Distributed denial-of-service (DDoS) attack has turned into one of the major security threats in recent years. Usually the only solution is to stop the services or shut down the victim and then discard the attack traffic only after the DDoS attack characteristics (such as the destination ports of the attack packets) are known. In this paper, we introduce a generic DDoS attack detection mechanism as well as the design and setup of a testbed for performing experiments and analysis. Our results showed that the mechanism can detect DDoS attack. This enables us to proceed to the next steps of packet classification and traffic control.

An improved authenticated key agreement protocol with perfect forward secrecy for wireless mobile communication

To provide secure communication for mobile devices, an authenticated key agreement protocol is an important primitive for establishing session keys. However, most existing authenticated key agreement protocols are not designed for wireless mobile communication for which bandwidth and device storage capacity are limited. Also, as mobile devices are more vulnerable to attack, providing forward secrecy becomes an essential element in the protocol. Based on Seo and Sweeneys simple authenticated key agreement algorithm (SAKA), we develop an improved authenticated key agreement protocol that eliminates the disadvantages of SAKA and provides identity authentication, key validation, and perfect forward secrecy. Also, our protocol can foil man-in-the-middle attacks. We also show how our proposed protocol can be included in the current 3GPP2 specifications for OTASP to improve A-key (authentication key) distribution, which is the master key in IS-95 and cdma2000 mobile networks. The proposed protocol requires significantly less bandwidth, and less computational and storage overhead, while having higher security compared to 3GPP2 specifications. The proposed protocol can also be applied to other wireless communication scenarios.

Railway track possession assignment using constraint satisfaction

Abstract Resource allocation is the problem of allocating a set of resources to accomplish some task(s). Many real-world problems are resource-allocation problems, such as production planning and manpower planning. This paper reports on a case study on applying constraint-satisfaction techniques to solve a real-world resource allocation problem, referred to as the Railway Track Possession Assignment Problem, using the CHIP constraint language. The problem is to assign railway tracks to a given set of scheduled maintenance tasks according to a set of constraints. The manual problem-solving method is heuristic in nature. Experienced personnel were involved in the manual process. An expert system, called the Engineering Work Track Possession Assignment System (EWTPAS), was developed to carry out the assignment using constraint-satisfaction techniques. A new, two-phase resource allocation strategy based on constraint relaxation was developed and implemented in EWTPAS. EWTPAS succeeded in replacing the manual assignment process after test running for 1 year. EWTPAS is now in use. Besides having the advantage of being free of careless human errors, and the advantage of being independent of the availability of experienced staff, EWTPAS was found to be about 10 times more efficient than the manual method.

Reasoning about Evidence using Bayesian Networks

This paper presents methods for analyzing the topology of a Bayesian belief network created to qualify and quantify the strengths of investigative hypotheses and their supporting digital evidence. The methods, which enable investigators to systematically establish, demonstrate and challenge a Bayesian belief network, help provide a powerful framework for reasoning about digital evidence. The methods are applied to review a Bayesian belief network constructed for a criminal case involving BitTorrent file sharing, and explain the causal effects underlying the legal arguments.

The Rules of Time on NTFS File System

With the rapid development and popularity of IT technology, criminals and mischievous computer users are given avenues to commit crimes and malicious activities. As forensic science has long been used to resolve legal disputes regarding different branches of science, computer forensics is developed naturally in the aspects of computer crimes or misbehaviors. In computer forensics, temporal analysis plays a significant role in the reconstruction of events or crimes. Indeed, temporal analysis is one of the attractive areas in computer forensics that caused a large number of researches and studies. It is the purpose of this paper to focus on temporal analysis on NTFS file system and to project intuitional rules on the behavioral characteristics of related digital files

Privacy Preserving Confidential Forensic Investigation for Shared or Remote Servers

It is getting popular that customers make use of third party data service providers to store their data and emails. It is common to have a large server shared by many different users. This creates a big problem for forensic investigation. It may not be easy to clone a copy of data from the storage device(s) due to the huge volume of data. Even if it is possible to make a clone, there are many irrelevant information/data stored in the same device for which the investigators have no right to access. The other alternative is to let the service provider search the relevant information and retrieve the data for the investigator provided a warrant can be provided. However, sometimes, due to the confidentiality of the crime, the investigator may not want the service provider to know what information they are looking for or the service provider herself may be one of the suspects. The problem becomes even more obvious in terms of cloud computing technology. In this paper, we address this problem and using homomorphic encryption and commutative encryption, we provide two forensically sound schemes to solve the problem so that the investigators can obtain the necessary evidence while the privacy of other users can be protected and at the same time, the service provider cannot know what information the investigators are interested in.