Ashutosh Saxena

A dynamic ID-based remote user authentication scheme

Password-based authentication schemes are the most widely used techniques for remote user authentication. Many static ID-based remote user authentication schemes both with and without smart cards have been proposed. Most of the schemes do not allow the users to choose and change their passwords, and maintain a verifier table to verify the validity of the user login. In this paper we present a dynamic ID-based remote user authentication scheme using smart cards. Our scheme allows the users to choose and change their passwords freely, and do not maintain any verifier table. The scheme is secure against ID-theft, and can resist the reply attacks, forgery attacks, guessing attacks, insider attacks and stolen verifier attacks.

A novel remote user authentication scheme using bilinear pairings

The paper presents a remote user authentication scheme using the properties of bilinear pairings. In the scheme, the remote system receives user login request and allows login to the remote system if the login request is valid. The scheme prohibits the scenario of many logged in users with the same login-ID, and provides a flexible password change option to the registered users without any assistance from the remote system.

An efficient certificateless signature scheme

Traditional certificate based cryptosystem requires high maintenance cost for certificate management. Although, identity based cryptosystem reduces the overhead of certificate management, it suffers from the drawback of key escrow. Certificateless cryptosystem combines the advantages of both certificate based and identity based cryptosystems as it avoids the usage of certificates and does not suffer from key escrow. In this paper, we propose a pairing based certificateless signature scheme that is efficient than the existing scheme.

Data integrity proofs in cloud storage

Cloud computing has been envisioned as the de-facto solution to the rising storage costs of IT Enterprises. With the high costs of data storage devices as well as the rapid rate at which data is being generated it proves costly for enterprises or individual users to frequently update their hardware. Apart from reduction in storage costs data outsourcing to the cloud also helps in reducing the maintenance. Cloud storage moves the users data to large data centers, which are remotely located, on which user does not have any control. However, this unique feature of the cloud poses many new security challenges which need to be clearly understood and resolved. One of the important concerns that need to be addressed is to assure the customer of the integrity i.e. correctness of his data in the cloud. As the data is physically not accessible to the user the cloud should provide a way for the user to check if the integrity of his data is maintained or is compromised. In this paper we provide a scheme which gives a proof of data integrity in the cloud which the customer can employ to check the correctness of his data in the cloud. This proof can be agreed upon by both the cloud and the customer and can be incorporated in the Service level agreement (SLA). This scheme ensures that the storage at the client side is minimal which will be beneficial for thin clients.

An improved bilinear pairing based remote user authentication scheme

Recently Das et al. proposed a novel remote user authentication scheme using bilinear pairings. Chou et al. identified a weakness in Das et al.s scheme and made an improvement. In this paper, we show that both Das et al.s and Chou et al.s schemes are insecure against forgery and replay attacks. We proposed an improved scheme that overcomes the security flaws without affecting the merits of the original scheme.

Hierarchical key management scheme using polynomial interpolation

We present a hierarchical key management scheme using cryptographic hash function and Newtons polynomial interpolation for users key and system resources management. A similar technique has been proposed in 2002 by Shen and Chen, but their scheme suffers large computational overhead and security weakness. We show that our scheme is secure and efficient in comparisons to the Shen and Chens scheme.

Threshold key issuing in identity-based cryptosystems

Secure key issuing in identity-based cryptosystems is a challenging task due to the inherent drawback of key escrow. Several protocols have been proposed for key issuing which do not require secure channel and eliminate key escrow problem. However, the existing secure and efficient protocol requires all the participating authorities to be mandatorily available for constructing the users private key. We present a secure and robust protocol for key issuing in identity-based cryptosystems by using the concept of threshold cryptosystems, which avoids the practical limitation.

A cryptography based privacy preserving solution to mine cloud data

Due to increased adoption of cloud computing, there is a growing need of addressing the data privacy during mining. On the other hand, knowledge sharing is a key to survive many business organizations. Several attempts have been made to mine the data in distributed environment however, maintaining the privacy while mining the data over cloud is a challenging task. In this paper, we present an efficient and practical cryptographic based scheme that preserves privacy and mine the cloud data which is distributed in nature. In order to address the classification task, our approach uses k-NN classifier. We extend the Jaccard measure to find the similarity between two encrypted and distributed records by conducting an equality test. In addition, our approach accelerates mining by finding nearest neighbours at local and then at global level. The proposed approach avoids transmitting the original data and sharing of the key that is required in traditional crypto based privacy preserving data mining solutions.

Mutual Authentication and Key Agreement for GSM

We propose an efficient identity based mutual authentication scheme for GSM. In the proposed scheme, mobile station (MS) and visitor location register (VLR) authenticate each other and establish a session key to communicate securely for every communication. Our scheme requires less bandwidth and storage. The scheme does not involve certificate management and is resilient to replay and man-in-the middle attacks. We also compare the performance of our scheme with that of the existing schemes.

MMPS: a versatile mobile-to-mobile payment system

The paper presents an effective mobile-to-mobile payment system. A mobile phone with or without SIM card is enabled as an EMV payment instrument and is linked to a debit or credit account in a bank to pay merchant who has a mobile phone or an online EMV capable terminal. In a single phone, multiple credit or debit accounts from different banks can be configured without compromising on security. The proposed framework provides a secure and convenient payment mechanism without any terminal infrastructure.