Faculty Publications

Permanent URI for this communityhttps://idr.nitk.ac.in/handle/123456789/18736

Publications by NITK Faculty

Browse

Author: search.filters.author.Ramalingam, J.Subject: search.filters.subject.Authentication

Search Results

Now showing 1 - 2 of 2
  • No Thumbnail Available
    Item
    Robust message authentication in the context of quantum key distribution
    (Inderscience Publishers, 2022) Shanmugam, D.; Ramalingam, J.
    Universal hashing-based message authentication code (MAC) is used as the de facto method to achieve information-theoretically secure authentication in quantum key distribution. We present a critical look at the most widely used type, namely Wegman-Carter MAC based on polynomial hashing and analyse its robustness against physical attacks exploiting side information. In particular, we mount a classical DPA attack on the hash part of the Wegman-Carter MAC which leads to a possible intercept-and-resend attack on the BB84-like QKD protocols. We illustrate this case with polynomial-evaluation MACs as their variants are used in commercial QKD systems. We show that our attack methodology is much simpler compared to that of Belaid et al. at ASIACRYPT 2014. Finally, we present an algebraic countermeasure so that the resulting MAC is not susceptible to the identified attack. © 2022 Inderscience Enterprises Ltd.
  • No Thumbnail Available
    Item
    Practical and Efficient PUF-Based Protocol for Authentication and Key Agreement in IoT
    (Institute of Electrical and Electronics Engineers Inc., 2024) Manivannan, S.; Chakraborty, R.S.; Chakrabarti, I.; Ramalingam, J.
    The immense potential of the Internet of Things (IoT) is challenged by grave security vulnerabilities that are easily exploitable in resource-constrained environments. We propose a lightweight Authentication and Key Agreement (AKA) protocol to derive a shared session key for each communicating node in a mutually communicating cluster of IoT nodes. Each IoT device is embedded with a Physically Unclonable Function (PUF), and a Fuzzy Extractor (FE) is deployed to correct and reproduce the private key and public helper data pair from the possibly erroneous PUF response. This secret raw PUF response is not stored explicitly in the server. A forward-secure authenticated key agreement is achieved by incorporating Elliptic Curve Diffie-Hellman (ECDH) key exchange protocol. The security of the proposed scheme has been formally verified while considering both active and passive attackers using the Verifpal tool. A prototype implementation with the arbiter PUF circuit, FE, and associated software has successfully demonstrated the efficacy of our scheme. © 2009-2012 IEEE.