Journal Article
Permanent URI for this collection: https://ir.daiict.ac.in/handle/123456789/37
22 results
Publication Metadata only
Detecting flaws in dynamic hierarchical key management schemes using specification animation
(01-09-2012) Mundra, Anil; Mathuria, Anish; Das, Maniklal; DA-IICT, Gandhinagar; Kumar, Naveen Sahu (201021001); Mundra, Anil (200911022)
In key assignment schemes for hierarchical access control systems, each access class has a key associated with it that can be used to derive the keys associated with every descendant of that class. Many recently proposed key assignment schemes support updates to the hierarchy such as addition and deletion of classes and class relationships. The dynamic changes entail a change to the hierarchy as well as re-computing of public and secret information. In this paper, we describe a software tool that supports the animation of specifications of dynamic schemes. The specification of a scheme, written in Prolog, corresponds to a symbolic model of the algorithms used by the scheme for key generation and for handling dynamic changes. The tool allows us to generate a test hierarchy, generate keys for the classes in the hierarchy, and simulate various dynamic operations. The animation search using the tool has shown to be useful in finding previously unreported attacks on several existing dynamic schemes.

Publication Metadata only
A provable secure key-escrow-free identity-based signature scheme without using secure channel at the phase of private key issuance
(Springer, 01-06-2019) Sahana, Subhas Chandra; Bhuyan, Bubu; Das, Maniklal; DA-IICT, Gandhinagar
The identity-based cryptosystems furnish us with simplest key management procedures. Yet, they have a very slow adoption in cryptography due to the key escrow problem and the necessity of a secure channel between the user and the Private Key Generator (PKG) to transmit the created private key to the user. In this paper, we propose an identity-based signature scheme that not only solves the key escrow problem but also eliminates the requirement of the secure channel.
The proposed scheme is secure against existential forgery under adaptively chosen message and ID attacks in the random oracle model assuming the hardness of the Computational Diffie-Hellman Problem (CDHP). Furthermore, we compare the efficiency of our scheme to that of a similar established scheme.

Publication Metadata only
Detection of Node Capture Attack in Wireless Sensor Networks
(IEEE, 01-03-2019) Agrawal, Sarita; Lopez, Javier; Das, Maniklal; DA-IICT, Gandhinagar; Agrawal, Sarita (201121013)
Wireless sensor networks (WSNs) deployed in hostile environments for applications such as battle-field surveillance are vulnerable to various attacks, including node capture attack wherein an adversary physically captures, reprograms, and redeploys a node in the network. In this paper, we present a novel approach of program integrity verification (PIV) protocol to detect whether a node is captured. The cluster head equipped with trusted platform module (TPM) verifies by comparing the program memory content of the sensor node before and after capture. The proposed TPM-enabled PIV (TPIV) protocol uses dynamically computed hash-based key and pseudorandom function for detection of a captured node in the network. The security analysis of the TPIV protocol reveals that the probability of a node capture attack victim eluding the PIV and leaking the secret of any noncaptured node is negligible. The proposed TPIV protocol can detect the captured node even in the presence of a strong adversary capable of putting additional memory to elude the PIV.
With the results of analytical and experimental comparisons, we show the performance improvement of TPIV protocol in terms of low communication, computation, and storage overhead as compared to the related protocols for PIV in WSN.

Publication Metadata only
MPEG Video Security using Motion Vectors and Quadtrees
(Eu/Index, 30-09-2012) Singhal, Anshul; Das, Maniklal; DA-IICT, Gandhinagar; Singhal, Anshul (200701175)

Publication Metadata only
An Efficient Key Escrow-Free Identity-Based Signature Scheme
(IJAER, 01-04-2017) Sahana, Subhas Chandra; Bhuyan, Bubu; Das, Maniklal; DA-IICT, Gandhinagar

Publication Metadata only
Digital image protection using keyed hash function
(IGI Global, 01-04-2012) Muraharirao, Siva Charan; Das, Maniklal; DA-IICT, Gandhinagar; Rao, Siva Charan Murahari (200501159)
Digital image authentication is an essential attribute for protecting digital image from piracy and copyright violator. Anti-piracy, digital watermarking, and ownership verification are some mechanisms evolving over the years for achieving digital image authentication. Cryptographic primitives, such as hash function, digital signature, and message authentication codes are being used in several applications including digital image authentication. Use of Least Significant Bit (LSB) is one of the classical approaches for digital image authentication. Although LSB approach is efficient, it does not provide adequate security services. On the other hand, digital signature-based image authentication provides better security, but with added computational cost in comparison with LSB approach. Furthermore, digital signature-based authentication approach requires managing public key infrastructure. Considering security weakness of LSB-based approach and cost overhead of public key based approach, the authors present a digital image authentication scheme using LSB and message authentication codes (MAC).
The MAC-based approach for authenticating digital image is secure and efficient approach without public key management overhead. The authors also provide experimental results of the proposed scheme using MATLAB. The experimental results show that the proposed scheme is efficient and secure in comparisons with other schemes.

Publication Metadata only
On the security of SSL/TLS-enabled applications
(Elsevier, 01-01-2014) Samdaria, Navkar; Das, Maniklal; DA-IICT, Gandhinagar; Samdaria, Navkar (200501174)
SSL/TLS (Secure Socket Layer/Transport Layer Security)-enabled web applications aim to provide public key certificate based authentication, secure session key establishment, and symmetric key based traffic confidentiality. A large number of electronic commerce applications, such as stock trading, banking, shopping, and gaming rely on the security strength of the SSL/TLS protocol. In recent times, a potential threat, known as man-in-the-middle (MITM) attack, has been exploited by attackers of SSL/TLS-enabled web applications, particularly when naive users want to connect to an SSL/TLS-enabled web server. In this paper, we discuss the MITM threat to SSL/TLS-enabled web applications. We review the existing space of solutions to counter the MITM attack on SSL/TLS-enabled applications, and then, we provide an effective solution which can resist the MITM attack on SSL/TLS-enabled applications. The proposed solution uses a soft-token based approach for user authentication on top of the SSL/TLS's security features. We show that the proposed solution is secure, efficient and user friendly in comparison to other similar approaches.

Publication Metadata only
Secure Multicast using IPSec and Multi-party Key Computation
(01-08-2014) Mudgerikar, Anand; Das, Maniklal; DA-IICT, Gandhinagar; Mudgerikar, Anand
In recent times, the demand for multicast communications is increasing, both from internet service providers and from the content, media providers or distributors.
One of the main obstacles to the wider commercial deployment of internet protocol (IP) multicast is the lack of security for the content being transmitted through IP multicast and communication infrastructure underlying IP multicast. This paper presents a multi-party key computation (MKC) protocol which provides added security to IP multicast. The group key computation, in our protocol, involves multi-party computations using one-time pad and a secret sharing scheme. The proposed protocol is secure, efficient and compatible with IPSec.

Publication Metadata only
Key-escrow free multi-signature scheme using bilinear pairings
(De Gruyter, 01-03-2015) Das, Manik Lal; Das, Maniklal; DA-IICT, Gandhinagar
We present a multi-signature scheme based on bilinear pairings. The scheme is key escrow-free and does not require any secure channel for private key issuance to users. We use a binding-blinding technique to avoid the key escrow problem and to eliminate a secure channel requirement for the key issuance stage. The basic scheme is extended to sequential and parallel multi-signature schemes. We show that the basic scheme and multi-signature schemes are secure against adaptive chosen message attacks under standard assumptions.

Publication Metadata only
An improved bilinear pairing based remote user authentication scheme
(Elsevier, 01-01-2009) Goriparthi, Thulasi; Saxena, Ashutosh; Das, Maniklal; DA-IICT, Gandhinagar
Recently Das et al. proposed a novel remote user authentication scheme using bilinear pairings. Chou et al. identified a weakness in Das et al.'s scheme and made an improvement. In this paper, we show that both Das et al.'s and Chou et al.'s schemes are insecure against forgery and replay attacks. We proposed an improved scheme that overcomes the security flaws without affecting the merits of the original scheme.