Faculty Publications

Permanent URI for this community: https://idr.nitk.ac.in/handle/123456789/18736

Publications by NITK Faculty

Search Results

  • Item
    On “Practical and secure outsourcing algorithms for solving quadratic congruences in IoTs” from IEEE IoT journal
    (Elsevier B.V., 2021) Ramalingam, J.
    Secure outsourced computation enables IoT devices to offload resource-intensive computations to a more resourceful server while keeping the inputs secret from the server. Recently, Zhang et al. put forth two outsourcing algorithms for solving quadratic congruences (Zhang et al., 2020). We observe that neither of the algorithms achieves the claimed security guarantees: a polynomial-time attack reveals the secret inputs to a passive adversary. As a consequence of the insecure outsourcing, the factorization of the RSA modulus is also revealed, which leads to the total compromise of the security of the underlying scheme that makes use of the Zhang et al. outsourcing algorithms for solving quadratic congruences. Interestingly, we propose corrective measures for the Zhang et al. algorithm and prove that the resulting algorithm enables secure and verifiable delegation of solving quadratic congruences in IoTs. © 2021 Elsevier B.V.
  • Item
    Practical and Efficient PUF-Based Protocol for Authentication and Key Agreement in IoT
    (Institute of Electrical and Electronics Engineers Inc., 2024) Manivannan, S.; Chakraborty, R.S.; Chakrabarti, I.; Ramalingam, J.
    The immense potential of the Internet of Things (IoT) is challenged by grave security vulnerabilities that are easily exploitable in resource-constrained environments. We propose a lightweight Authentication and Key Agreement (AKA) protocol to derive a shared session key for each communicating node in a mutually communicating cluster of IoT nodes. Each IoT device is embedded with a Physically Unclonable Function (PUF), and a Fuzzy Extractor (FE) is deployed to correct and reproduce the private key and public helper data pair from the possibly erroneous PUF response. This secret raw PUF response is not stored explicitly in the server. A forward-secure authenticated key agreement is achieved by incorporating the Elliptic Curve Diffie-Hellman (ECDH) key exchange protocol. The security of the proposed scheme has been formally verified while considering both active and passive attackers using the Verifpal tool. A prototype implementation with the arbiter PUF circuit, FE, and associated software has successfully demonstrated the efficacy of our scheme. © 2009-2012 IEEE.