Kapali Viswanathan

A Three Phased Schema for Sealed Bid Auction System Design

Auction systems allow many entities, each possessing a unique secret value, to interact in order to reveal the winning value from the set of secret values, based on the rules of interaction. A platform to achieve this goal is sealed bid auction. We propose a schema and a concrete design to achieve this goal in a simple, efficient and secure fashion. The schema will facilitate the use of existing and future knowledge in providing anonymity.

Robust, Privacy Protecting and Publicly Verifiable Sealed-Bid Auction

The sealed bid model of auctions is ideally suited for electronic auction systems, as they avoid the requirement for real-time communications between various entities. A sealed bid auction scheme designed by Kikuchi, Harkavy and Tygar is analysed. Several shortcomings are identified in this scheme including the lack of public verifiability and the possibility of collusion between bidders and/or auctioneers. A new scheme is designed to overcome these shortcomings.

Signature Scheme for Controlled Environments

We propose a signature system that will be very useful for controlled environments, like corporate networks, where regulation of signatures generated using the certified public/private key pairs is essential. We then demonstrate the usefulness of the system by extending it to realise a proxy signature system with revocable delegation.

Key Recovery System for the Commercial Environment

We propose an efficient, scalable, flexible key recovery solution for use in commercial environments. Our scheme takes a new approach in the design of key recovery systems, called hybrid key escrow. We shall demonstrate the claims by comparing the computation and communication requirements for our proposal with the key recovery solution implemented by IBM.

Secure Selection Protocols

The process of selection is omnipresent in the real world and modeling this process as a cryptologic protocol will enable cross use of techniques among similar protocol applications, which will eventually lead to better understanding and refinement of these applications. We present a proposal for a specialised selection protocol with anonymity as the security service. An area for its application is anonymous peer review, where no peer should know the identity of the reviewer.

Publicly Verifiable Key Escrow with Limited Time Span

Limiting escrow activity in time has been an important requirement for key escrow systems. Recently two protocols were proposed for limited time span key escrow and contract bidding. We investigate the proposed protocols, bring out certain issues that were neglected in the proposal and amend it in a manner that these issues will be dealt with. Our proposal does not require tamper proofness for security of the system and assumes minimal trust in the trustees of the system to achieve a more robust scheme. The importance of publicly verifiable proofs is highlighted in this paper.

Strong binding for software key escrow

Research for software based key escrow systems (KES) presents interesting problems. Advantages of software based KES over hardware based systems are openness, user acceptance, examinability, scalability and flexibility. Investigation of systems solely relying on certification procedures, as compared to tamper resistance, is the primary objective of this paper. Arguments against private key escrow systems are presented, followed by the proposal for a new type of escrow system that partially escrows the long term keys and fully escrows session keys.

Towards Logically and Physically Secure Public-Key Infrastructures

The bootstrapping of security mechanisms to large scale information systems is an important and critical exercise. It is conjectured that the design of bootstrapping procedure is effective, if every such bootstrapping procedure affects (or alters) the behaviour (represented by input data) of all system users (certificate authorities and the users of the public key infrastructure (PKI)).This paper aims to provide public verification for every use of certifying private keys, which are assumed to be stored in multiple physical locations. It provides abstract descriptions of protocols to achieve effective bootstrapping of security mechanisms to large scale PKIs.

An Analysis of Integrity Services in Protocols

An analysis of integrity services in cryptologic protocols is presented. The informal syntax, to be presented, attempts to model the integrity service as a property that is transferred from a key to a message. The message can, in turn, be a key. The modeling presupposes confidentiality and integrity to be the atomic properties or services offered by cryptologic algorithms. More complex algorithms and protocols, such as those for digital signature, identification protocols and nonmalleable encryption, are considered to be ensembles of these services. This paper concentrates only on the analysis of the integrity service in signature techniques based on the proof of knowledge of discrete logarithm. The paper will demonstrate the usefulness of this modeling by identifying flaws in the recent proposals for an efficient electronic cash system and a key-recovery system.

Hybrid Key Escrow: A New Paradigm

A new paradigm for the design of key recovery systems called hybrid key escrow will be presented. It will be shown that such a design can guard the privacy of system users and at the same time enable authorized key recovery. The system will be analyzed against the three fundamental properties of any robust key recovery system: compliance, enforceability and traceability.