Sufyan T. Faraj Al-Janabi

Public-Key Cryptography Enabled Kerberos Authentication

Kerberos is a trusted third party authentication protocol based on symmetric key cryptography. This paper studies how Kerberos authentication standard can be extended to support public key cryptography. The paper aims to do this by implementing the most important public-key cryptography extension specifications to the traditional Kerberos standard which incorporate public-key infrastructure (PKI) into the scope of underlying systems trusted by Kerberos. Thus, qualitative experimental measurements can be performed to study and compare various extensions. Although public key crypto-system requires calculations that are computationally expensive, it is well believed that they can eliminate some of Kerberos protocol limitations. The public-key based protocols PKINIT, PKCROSS, and PKTAPP add public-key cryptography support at different stages of the Kerberos framework. They all attempt to improve Kerberos scalability and security by simplifying key management and utilizing trustworthy public-key infrastructures Together. The PKINIT and PKCROSS specifications define a public key based authentication solution across multi-realm Kerberos networks. PKTAPP makes more fundamental changes to the Kerberos standard in an attempt to achieve greater improvements in scalability, security and client privacy issues. Analysis and evaluation have been performed based on our own developed prototype implementations of PKINIT, PKCROSS, and PKTAPP.

Development of Certificate Authority services for web applications

The most important security services are confidentiality, integrity, authentication, and non-repudiation. When designing a communication system, the security services of this system must be defined. The Public-Key Infrastructure (PKI) is a technology that can meet these security services with its techniques and standards. A PKI system works by having a Certificate Authority (CA) for issuing public-key certificates. The aim of this work is to design and implement a CA system that can create and assign public key certificates. Hence, the system enables secure communication and proper authentication. Besides the basic security requirements, the developed system uses an approach that can contribute in facilitating the revocation of the certificates. It also gives these certificates additional security/performance advantage by using the Elliptic Curve Cryptography (ECC) instead of the RSA cryptography. The design and implementation of the proposed system have been achieved using PHP and HTML programming languages besides MySQL database server and Apache web server.

Video Encryption Based on Special Huffman Coding and Rabbit Stream Cipher

In this paper a two Special Huffman Tree (SHT) algorithms have been designed and implemented to be encoded with an MPEG video file instead of the standard Huffman tree algorithm. The first SHT has been built with 89-entries, and the other with 100-entries. The SHTs are encrypted using part of the key-stream generated by Rabbit algorithm. The other part of the key-stream is used in insertion operation. In this latter operation, a number of bits of the key-stream are inserted in the coded desired file. The encrypted SHTs with the encoded desired file are sent to the receiver, so no one knows the tree used to encode the file except the sender and the receiver. Many types of tests and measurements (such as efficiency, compression, speed, and security measurements) have been performed to evaluate the performance of this algorithm. Calculation of the compression efficiency of SHTs has been found to be higher than that of the standard Huffman tree. Also, it has been shown that the increasing ratio in size of the generated file to that of the original file is very small and can be neglected.

Strategic plan for enhancing higher education computing degree programs in Iraq

Computing has dramatically influenced progress in science, engineering, business, and many other areas of human endeavor. Computing is globally pervasive and necessary for the future growth of established and developing countries. Iraq is a part of this competitive world where such changes lead to serious consequences for those who do not quickly and properly adapt themselves to new situations. The main aim of this paper is to propose a strategic plan for the enhancement of computing degree programs in Iraqi universities and higher institutions. The paper begins by providing an overview of computing curriculum development. Then, computing education programs in Iraq are presented from a historic standpoint. The current situation in Iraq for computing education programs is also described in the paper. This current status provides the basis for the description of the proposed strategic plan.

Nahrainfish: A green cryptographic block cipher

In this work, we propose a new block cipher that is called Nahrainfish, which we believe that it offers the required security level for present and foreseeable future without a big sacrifice in efficiency and other related criteria. Instead of building Nahrainfish totally from scratch, we have made a benefit from the concepts of green cryptography and some AES (Advanced Encryption Standard) finalists to develop the new cipher in such a way to obtain the required higher security level. Nahrainfish is a classical Feistel network based on a novel combination of both key-dependent S-boxes and data-dependent rotations. It operates on 128-bit blocks and accepts a variable key length up to 1024 bits. The paper also includes some important notes on the security and performance of the cipher.

Towards long-term international collaboration in computer science education

Student success in a globally distributed organization requires effective communication skills to deal with the barriers that are inherent in such settings. This paper proposes to provide students the opportunity to be involved in collaborative “real-world” projects. International collaboration in computer science education can provide both technical and cultural benefits for all parties involved. This paper represents a work-in-progress report on the first stages of preparation to start an active long-term collaboration in computer science education between Eastern Michigan University (USA) and the University of Anbar (Iraq). We present an informal timeline for developing such collaborations and enumerate potential projects. In addition, anticipated difficulties are articulated.

Combining Mediated and Identity-Based Cryptography for Securing E-Mail

This work aims to exploit a distinguished method of the public key cryptography which is known as Identity-Based Cryptography (IBC) to solve the usability problem of secure e-mail systems. The public key is taken from general information (such as e-mail address) of the recipient and thus does not require access to any certificate to validate the key. To increase the system strength, the identity-based cryptography is combined with mediated cryptography to enable the cancelation of any key that is being exposed or suspicious. In addition, all the operations of decryption and signature are controlled (without the ability to fraud or detect secret) by the authorized person to prevent hackers and non-authorized parties from using or manipulating of the system. This proposal includes the deployment of the combined method for Mediated Identity-Based Cryptography.