Aanchal Malhotra

The Security of NTP’s Datagram Protocol

For decades, the Network Time Protocol (NTP) has been used to synchronize computer clocks over untrusted network paths. This work takes a new look at the security of NTP’s datagram protocol. We argue that NTP’s datagram protocol in RFC5905 is both underspecified and flawed. The NTP specifications do not sufficiently respect (1) the conflicting security requirements of different NTP modes, and (2) the mechanism NTP uses to prevent off-path attacks. A further problem is that (3) NTP’s control-query interface reveals sensitive information that can be exploited in off-path attacks. We exploit these problems in several attacks that remote attackers can use to maliciously alter a target’s time. We use network scans to find millions of IPs that are vulnerable to our attacks. Finally, we move beyond identifying attacks by developing a cryptographic model and using it to prove the security of a new backwards-compatible client/server protocol for NTP.

Practical IBE secure under CBDH - encrypting without pairing

Since the discovery of identity based cryptography, a number of identity based encryption schemes were reported in the literature. Although a few schemes were proposed after its introduction, the first efficient identity based encryption scheme was proposed by Dan Boneh and Matthew K. Franklin in 2001. This encryption scheme uses Weil pairing on elliptic curves during both encryption and decryption process. In this paper, we propose a new identity based encryption scheme and prove its security in the random oracle model. There are two highlighting features in our scheme. First, it does not employ bilinear pairing computation during the encryption process. Second, our scheme does not require full domain hashing, which makes our scheme more practical and efficiently implementable. Moreover, we prove the security of our scheme by reducing it to the well known Computational Bilinear Diffie-Hellman problem. We first prove the security of our scheme in weaker security notion i.e. we prove our scheme to be IND-CPA secure. Then using Fujisaki Okamoto transformation, we convert our scheme to IND-CCA secure version.