A5071719477- Cryptographic Implementations and Security
- Cryptography and Data Security
- Physical Unclonable Functions (PUFs) and Hardware Security
- Chaos-based Image/Signal Encryption
- Coding theory and cryptography
- Advanced Malware Detection Techniques
- Complexity and Algorithms in Graphs
- Security and Verification in Computing
- Privacy-Preserving Technologies in Data
- Cryptography and Residue Arithmetic
- Cloud Data Security Solutions
- Internet Traffic Analysis and Secure E-voting
- Advanced Memory and Neural Computing
- Complex Network Analysis Techniques
- Quantum-Dot Cellular Automata
- Integrated Circuits and Semiconductor Failure Analysis
- Advanced Data Storage Technologies
- Opinion Dynamics and Social Influence
- Advanced Graph Neural Networks
- Blockchain Technology Applications and Security
- Neuroscience and Neural Engineering
- Advanced Steganography and Watermarking Techniques
- Network Security and Intrusion Detection
- Cellular Automata and Applications
- VLSI and Analog Circuit Testing
IBM Research - India
2022-2024
Indian Institute of Technology Kharagpur
2015-2023
Visa (United States)
2021-2023
ETH Zurich
2020-2022
Fujitsu (United States)
2019
The recently proposed Oblivious Cross-Tags (OXT) protocol (CRYPTO 2013) has broken new ground in designing efficient searchable symmetric encryption (SSE) with support for conjunctive keyword search a single-writer single-reader framework. While the OXT offers high performance by adopting number of specialised data-structures, it also trades-off security leaking 'partial' database information to server. Recent attacks have exploited similar partial leakage breach confidentiality....
Symmetric Searchable Encryption (SSE) schemes enable keyword searches over encrypted documents. To obtain efficiency, SSE incur a certain amount of leakage. The vast majority the literature on considers only leakage from one component overall system, search index. This is used to identify which documents return in response query. actual fetching left another component, usually unspecified literature, but generally envisioned as simple storage system matching document identifiers...
Consider, for instance, a client that offloads an encrypted database of (potentially sensitive) emails to untrusted server.At later point time, the might want issue query form "retrieve all received from xyz@foobar.org or with keyword "research" in subject field".Ideally, should be able perform this task without revealing any sensitive information server, such as sources and contents emails, keywords underlying given query, distribution across etc.Unfortunately, techniques fully homomorphic...
Online data sharing for increased productivity and efficiency is one of the primary requirements today any organization. The advent cloud computing has pushed limits across geographical boundaries, enabled a multitude users to contribute collaborate on shared data. However, protecting online critical success cloud, which leads requirement efficient secure cryptographic schemes same. Data owners would ideally want store their data/files in an encrypted manner, delegate decryption rights some...
In the energy sector, IoT manifests in form of next-generation power grids that provide enhanced electrical stability, efficient distribution, and utilization. The primary feature a Smart Grid is presence an advanced bi-directional communication network between meters at consumer end servers Utility Operators. are broadly vulnerable to attacks on physical systems. We propose secure operationally asymmetric mutual authentication key-exchange protocol for communication. Our balances security...
This paper initiates a new direction in the design and analysis of searchable symmetric encryption (SSE) schemes. We provide first comprehensive security model definition for SSE that takes into account leakage from entirety system, including not only access to encrypted indices but also database documents themselves. Such system-wide is intrinsic end-to-end systems, can be used break almost all state-of-the-art schemes (Gui et al., IEEE S&P 2023). then static construction meeting our...
Classical fault attacks, such as differential analysis(DFA) well biased the intensity analysis (DFIA), have been a major threat to cryptosystems in recent times. DFA uses pairs of fault-free and faulty ciphertexts recover secret key. DFIA, on other hand, combines principles side-channel attacks try extract key using only. Till date, no effective countermeasure that can thwart both DFA- DFIA-based has reported literature best our knowledge. In particular, traditional redundancy-based...
This paper presents the first practical fault attack on ChaCha family of addition-rotation-XOR (ARX)-based stream ciphers. has recently been deployed for speeding up and strengthening HTTPS connections Google Chrome Android devices. In this paper, we propose differential analysis attacks without resorting to nonce misuse. We use instruction skip replacement models, which are popularly mounted microcontroller-based cryptographic implementations. corroborate propositions via injection...
Characterizing the fault space of a cipher to filter out set faults potentially exploitable for attacks (FA), is problem with immense practical value.A quantitative knowledge desirable in several applications, like security evaluation, construction and implementation, design, testing countermeasures etc.In this work, we investigate context block ciphers.The formidable size mandates use an automation strategy solve problem, which should be able characterize each individual instance quickly.On...
We present the first practically realizable sidechannel assisted fault attack on PRESENT, that can retrieve last round key efficiently using single nibble faults. The demonstrates how side-channel leakage allow adversary to precisely determine mask resulting from a injection instance. demonstrate viability of such an model via analysis experiments top laser-based setup, targeting PRESENT-80 implementation ATmega328P microcontroller. Subsequently, we differential (DFA) exploiting knowledge...
Common Criteria (CC) and FIPS 140-3 are two popular side channel testing methodologies.Test Vector Leakage Assessment Methodology (TVLA), a potential candidate for FIPS, can detect the presence of side-channel information in leakage measurements.However, TVLA results cannot be used to quantify vulnerability it is an open problem derive its relationship with attack success rate (SR), i.e. common metric CC.In this paper, we extend beyond current scope.Precisely, concrete between signal noise...
We present the first practically realizable side-channel assisted fault attack on any block-ciphers having bit-permutation with optimal diffusion, that can retrieve round key efficiently using random nibble faults. The demonstrates how leakage allow adversary to precisely determine mask resulting from a injection instance. demonstrate viability of such model via analysis experiments top laser-based setup, targeting PRESENT-80 and GIFT-128 (two popular based diffusion) implementation an...