DSpace at IIIT-Delhi
The DSpace digital repository system captures, stores, indexes, preserves, and distributes digital research material.
https://repository.iiitd.edu.in:443/xmlui
Feed date: 2018-07-19T00:25:34Z

Designing generic asymmetric key cryptosystem with message paddings
http://repository.iiitd.edu.in/xmlui/handle/123456789/619
Record updated: 2018-07-10T22:00:14Z; Issued: 2017-10-01
Bansal, Tarun Kumar; Chang, Donghoon (Advisor); Pieprzyk, Josef (Advisor); Sanadhya, Somitra Kumar (Advisor); Boyen, Xavier (Advisor)
RSA-OAEP has been part of the PKCS #1 standard since version 2.0. OAEP (optimal asymmetric encryption padding) provides security strength to RSA and other deterministic one-way asymmetric primitives (trapdoor one-way permutations). OAEP has also proved useful for hybrid encryption, signcryption, hybrid signcryption and as a randomness-recovery scheme. Over time, several proposals modifying OAEP have been published. These OAEP variants differ in efficiency, provable security, compatibility with the type of asymmetric one-way cryptosystem (deterministic or probabilistic), extension of OAEP to other applications, and so on.
Our work helps in understanding the development of the OAEP framework and its use. As our contribution, we describe a different kind of message padding that works as an alternative to OAEP-type schemes. The new padding is based on an iterated Sponge permutation structure. The Sponge structure comes from symmetric cryptography, where Sponge functions built from an iterated permutation have proved a good way to balance security and efficiency. We call our scheme Sponge-based asymmetric encryption padding (SpAEP). Our scheme achieves semantic security under chosen-ciphertext attack (IND-CCA) with any trapdoor one-way permutation in the ideal permutation model, for messages of arbitrary length. IND-CCA is considered the strongest standard security notion for encryption, whereas one-wayness is a much weaker one. We also propose a key encapsulation mechanism for hybrid encryption that uses SpAEP with any trapdoor one-way permutation. SpAEP uses the permutation model efficiently in the public-key encryption setting in a novel manner.
A primary limitation of OAEP-type schemes is their incompatibility with probabilistic asymmetric one-way secure cryptosystems (e.g., ElGamal). We study the reasons behind this limitation and extend the scope of usage from deterministic (e.g., RSA) to probabilistic (e.g., ElGamal) functions, along with efficiency improvements to SpAEP. We denote the modified Sponge-based padding SpPad–Pe, where SpPad stands for Sponge-based Padding and Pe for the asymmetric one-way cryptosystem it is combined with.
The concepts and techniques used as a base for constructing Sponge-based message padding also yield a strongly secure generic asymmetric encryption scheme from a weakly secure asymmetric cryptosystem. Instead of a specific Sponge-based construction, we introduce a more generic framework for building a CCA-secure PKE, called REAL (Real-time CCA-secure Encryption for Arbitrary Long Messages). An asymmetric one-way secure cryptosystem, a one-time secure symmetric encryption scheme and two hash functions suffice for this design. Compared to previous work, the proposed design supports streaming without compromising other valuable features.
We exploit the versatile nature of the Sponge construction in another area of cryptography, signcryption. The aim of signcryption is to provide both confidentiality and authentication of messages more efficiently than encrypting and signing independently. The "Commit-then-Sign&Encrypt" (CtS&E) composition method allows encryption and signing to be performed in parallel, which decreases the computation time needed to signcrypt a message. We put forward Sponge-structure-based message padding as an alternative to the commitment scheme in constructing signcryption. We propose a provably secure signcryption scheme using weak asymmetric primitives such as trapdoor one-way encryption and a universally unforgeable signature. Using simple tricks, we also show how different combinations of probabilistic/deterministic encryption and signature schemes with weaker security requirements can be used without compromising the security of the scheme. To the best of our knowledge, this is the first signcryption scheme based on the sponge structure; it offers maximum security from weak underlying asymmetric primitives and can handle long messages.
This thesis follows a step-by-step construction of efficient and secure cryptosystems, from basic to complex structures. It emphasizes the importance of message pre-processing techniques by using them to provide generic and efficient cryptosystems.
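The OAEP padding that this abstract takes as its starting point is worth seeing concretely. The block below is an added example, not code from the thesis: it implements the EME-OAEP encoding and decoding of RFC 8017 (PKCS #1 v2.2) with SHA-256 as the hash and MGF1 as the mask generator, and stops at the encoded block EM that RSA-OAEP would pass to the trapdoor permutation, so no RSA key is involved. The sample plaintext and labels are constructed. The decoder folds all of its checks into one flag and one error type, because an OAEP decoder that reveals which check failed (or leaks it through timing) hands the attacker a decryption oracle, which is the basis of Manger's 2001 attack on PKCS #1 v2.0; Python cannot give real constant-time guarantees, so the block shows the pattern rather than a production implementation.

```python
import hashlib
import hmac
import secrets
from typing import Optional

HASH = hashlib.sha256
H_LEN = HASH().digest_size  # 32 bytes for SHA-256


def mgf1(seed: bytes, mask_len: int) -> bytes:
    """MGF1 (RFC 8017, B.2.1): Hash(seed || C) for C = 0, 1, ..., truncated to mask_len."""
    out = b""
    for counter in range((mask_len + H_LEN - 1) // H_LEN):
        out += HASH(seed + counter.to_bytes(4, "big")).digest()
    return out[:mask_len]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    assert len(a) == len(b)
    return bytes(x ^ y for x, y in zip(a, b))


def oaep_encode(message: bytes, k: int, label: bytes = b"",
                seed: Optional[bytes] = None) -> bytes:
    """EME-OAEP encoding (RFC 8017, 7.1.1 step 2).

    k is the byte length of the trapdoor permutation's domain (the RSA modulus).
    The returned k-byte EM is what RSA-OAEP feeds to the permutation; this example
    does not implement the permutation itself."""
    if len(message) > k - 2 * H_LEN - 2:
        raise ValueError("message too long")
    l_hash = HASH(label).digest()
    ps = b"\x00" * (k - len(message) - 2 * H_LEN - 2)
    db = l_hash + ps + b"\x01" + message                    # k - H_LEN - 1 bytes
    if seed is None:
        seed = secrets.token_bytes(H_LEN)                   # fresh randomness per encryption
    masked_db = xor_bytes(db, mgf1(seed, k - H_LEN - 1))    # first Feistel round
    masked_seed = xor_bytes(seed, mgf1(masked_db, H_LEN))   # second Feistel round
    return b"\x00" + masked_seed + masked_db


def oaep_decode(em: bytes, k: int, label: bytes = b"") -> bytes:
    """EME-OAEP decoding (RFC 8017, 7.1.2 step 3), single error type for every failure."""
    if len(em) != k or k < 2 * H_LEN + 2:
        raise ValueError("decryption error")
    y, masked_seed, masked_db = em[0], em[1:1 + H_LEN], em[1 + H_LEN:]
    seed = xor_bytes(masked_seed, mgf1(masked_db, H_LEN))
    db = xor_bytes(masked_db, mgf1(seed, k - H_LEN - 1))
    bad = y != 0x00
    bad |= not hmac.compare_digest(db[:H_LEN], HASH(label).digest())
    sep = -1
    for i, byte in enumerate(db[H_LEN:]):     # scan the whole DB, no early exit
        if sep == -1:
            if byte == 0x01:
                sep = i
            elif byte != 0x00:
                bad = True                    # non-zero byte inside PS
    bad |= sep == -1                          # separator never found
    if bad:
        raise ValueError("decryption error")
    return db[H_LEN + sep + 1:]


def rejects(em: bytes, k: int, label: bytes = b"") -> bool:
    try:
        oaep_decode(em, k, label)
        return False
    except ValueError:
        return True


def demo(k: int = 256) -> dict:
    """Round trip, randomisation and tamper/label rejection on a constructed plaintext."""
    msg = b"attack at dawn"                   # constructed sample plaintext
    em1, em2 = oaep_encode(msg, k), oaep_encode(msg, k)
    tampered = bytearray(em1)
    tampered[-1] ^= 0x01                      # flip one bit of maskedDB
    return {
        "roundtrip": oaep_decode(em1, k) == msg,
        "randomized": em1 != em2,
        "tamper_rejected": rejects(bytes(tampered), k),
        "label_bound": rejects(oaep_encode(msg, k, label=b"ctx-A"), k, label=b"ctx-B"),
    }


if __name__ == "__main__":
    print(demo())
```

Running `demo()` exhibits the three properties the later constructions in the abstract must also deliver: decoding inverts encoding, two encryptions of the same message differ because of the fresh seed, and a single flipped bit in EM or a mismatched label is rejected. That all-or-nothing rejection is the plaintext-awareness the OAEP security proofs rely on.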

Wavelet transform learning and applications
http://repository.iiitd.edu.in/xmlui/handle/123456789/616
Record updated: 2018-04-04T22:00:13Z; Issued: 2017-12-01
Ansari, Naushad; Gupta, Anubha (Advisor)
Transform learning (TL) is currently an active research area. It has been explored in several applications including image/video denoising, compressed sensing (CS) of magnetic resonance images (MRI), etc., and is observed to perform better than the existing transforms. However, TL involves a non-convex optimization problem with no closed-form solution and hence is solved using greedy algorithms. The large number of variables (transform basis as well as transform coefficients) together with the greedy solution makes TL computationally expensive. TL also requires a large amount of training data. Hence, it may run into challenges in applications where only a single snapshot of a short-duration signal, such as speech, music or an electrocardiogram (ECG), is available. In such cases one falls back on existing, signal-independent transforms. This motivates us to look for a strategy to learn a transform in such applications.
Among existing transforms, the discrete wavelet transform provides an efficient representation for a variety of multi-dimensional signals. Owing to this, wavelets have been applied successfully in many applications. In addition, wavelet analysis provides the option to choose among existing bases or to learn a new basis. This motivates us to learn the wavelet transform from a given signal of interest, which may perform better than fixed transforms in an application. The learned wavelet transform is hereby called the signal-matched wavelet transform. Since the translates of the wavelet filters associated with the discrete wavelet transform form a basis of l2-space, wavelet transform learning amounts to learning wavelet filter coefficients. This reduces the number of parameters to be learned compared to traditional transform learning. Having fewer coefficients to learn also allows one to learn a basis from a short single snapshot of a signal or from small training data. We also show that, unlike traditional transform learning, a closed-form solution exists for learning the wavelet transform.
Although the problem of signal-matched wavelet design/learning has been explored in the literature, there are a number of limitations. Firstly, existing methods require the full original signal to learn wavelet transforms and hence cannot be used in inverse problems, where one has access only to the degraded signal and not to the original. Secondly, signal-matched wavelet transform learning has not been explored for rational wavelets, although rational wavelets are observed to be more effective than dyadic wavelets in audio and speech signal processing. Thus, we note that there is a need for methods to learn signal-matched wavelets that are modular, have compactly supported filters for dyadic or rational wavelet systems, are easily implementable in DSP hardware, and can also be learned from degraded signals. This thesis is motivated to address these limitations and proposes a number of methods along with their utility in applications.
Specifically, we propose methods to learn dyadic as well as rational wavelet transforms using the lifting framework. The proposed method inherits all the advantages of lifting: the learned wavelet transform is always invertible, the method is modular, the learned transform has compactly supported filters and hence is DSP-hardware friendly, and the corresponding wavelet system can also incorporate nonlinear filters if required. We show that a closed-form solution exists for learning the wavelet transform with the proposed method. The wavelet transform can also be learned with the proposed method even when only a small amount of data is available. Since the wavelet transform is learned from the signal itself, one may use it in applications instead of struggling to choose among the existing wavelet bases.
For dyadic wavelet transform learning (DWTL), we propose three methods in different scenarios. Particularly, we propose methods to learn dyadic wavelet transform (DWT) from 1) original signal, 2) degraded signal in inverse problems, and 3) a class of signals. We use the learned DWT as the sparsifying transform in the application of 1) Gaussian denoising of speech and music signals, 2) CS based reconstruction of speech, music, and ECG signals, 3) impulse denoising of images, and 4) CS based reconstruction of images. Extensive simulations have been carried out that demonstrate that the learned transforms outperform the standard dyadic wavelet transforms.
We also extend the existing theory of the lifting framework from dyadic to rational wavelets and use the extended lifting theory to learn a critically sampled signal-matched rational wavelet transform (RWT) with generic decimation ratios from a given signal of interest. We introduce the concept of rate converters in the predict and update stages to handle variable subband sample rates. So far, signal-matched rational wavelet learning has remained limited in use because design methods are in general cumbersome. Since our proposed methodology exploits the lifting framework, we provide modular, compactly supported, DSP-hardware-friendly rational wavelet transform learning (RWTL) methods. This may broaden the use of RWT in applications, which has so far been restricted. We use the learned RWT as the sparsifying transform in CS-based reconstruction of 1-D and 2-D signals. The learned RWT is observed to perform better than the existing dyadic as well as rational wavelet transforms.
Apart from the wavelet transform learning methods, we propose a new multilevel wavelet decomposition strategy for images, named L-Pyramid wavelet decomposition, which is observed to perform better in CS-based image reconstruction. In addition, we also propose weighted non-convex minimization for CS-based recovery. Detailed experiments are provided using the weighted non-convex minimization and the learned wavelet transform for CS-based ECG signal recovery with various sensing matrices. The learned wavelet transform along with the proposed weighted non-convex minimization method is observed to provide much better ECG signal reconstruction than existing wavelet transforms and existing methods.
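The lifting property this abstract relies on, that a lifted wavelet transform is invertible whatever predict and update operators are used, including nonlinear ones, is easy to see in code. The block below is an added example and not the thesis's learned-filter method: it implements one level of integer lifting with the reversible 5/3 (LeGall) predict and update steps and, to make the point about nonlinear filters, a median predictor, then checks perfect reconstruction on a constructed sample signal. Symmetric extension at the signal ends and the even-length requirement are assumptions of this example.

```python
from statistics import median
from typing import Callable, List, Sequence, Tuple

Op = Callable[[List[int]], List[int]]

# Constructed sample signal (even length); not data from the thesis.
X = [3, 7, 8, 2, 9, 9, 4, 1, 0, 6]


def predict_53(even: List[int]) -> List[int]:
    """Predict each odd sample as the floored mean of its two neighbouring evens
    (reversible 5/3 predict step, symmetric extension at the right edge)."""
    n = len(even)
    return [(even[i] + even[min(i + 1, n - 1)]) // 2 for i in range(n)]


def update_53(detail: List[int]) -> List[int]:
    """Update each even sample from its neighbouring details (reversible 5/3 update step)."""
    n = len(detail)
    return [(detail[max(i - 1, 0)] + detail[i] + 2) // 4 for i in range(n)]


def predict_median(even: List[int]) -> List[int]:
    """A deliberately nonlinear predictor: median of three neighbouring even samples."""
    n = len(even)
    return [int(median((even[max(i - 1, 0)], even[i], even[min(i + 1, n - 1)])))
            for i in range(n)]


def lift(x: Sequence[int], predict: Op, update: Op) -> Tuple[List[int], List[int]]:
    """Forward lifting: split -> predict -> update. Returns (approximation, detail)."""
    if len(x) % 2:
        raise ValueError("even-length signal expected")
    even, odd = list(x[0::2]), list(x[1::2])
    detail = [o - p for o, p in zip(odd, predict(even))]   # odd minus its prediction
    approx = [e + u for e, u in zip(even, update(detail))]  # even corrected by details
    return approx, detail


def unlift(approx: List[int], detail: List[int], predict: Op, update: Op) -> List[int]:
    """Inverse lifting: the same two operators, applied in reverse order with opposite signs.
    Nothing about predict/update has to be linear or invertible for this to work."""
    even = [s - u for s, u in zip(approx, update(detail))]
    odd = [d + p for d, p in zip(detail, predict(even))]
    out: List[int] = []
    for e, o in zip(even, odd):
        out += [e, o]
    return out


def perfect_reconstruction(x: Sequence[int], predict: Op, update: Op) -> bool:
    return unlift(*lift(x, predict, update), predict, update) == list(x)


if __name__ == "__main__":
    print("5/3 linear:", perfect_reconstruction(X, predict_53, update_53))
    print("median predictor:", perfect_reconstruction(X, predict_median, update_53))
    print("ramp ->", lift(list(range(10)), predict_53, update_53))
```

Because the inverse applies the same predict and update operators in reverse order, they can be any deterministic functions, which is why learning their coefficients never puts invertibility at risk. On a linear ramp the 5/3 predictor's detail coefficients vanish except at the boundary, which is the sparsifying behaviour the abstract exploits for compressed sensing.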

Citadels in cyberspace
http://repository.iiitd.edu.in/xmlui/handle/123456789/614
Record updated: 2018-03-05T22:00:12Z; Issued: 2017-06-01
Rawat, Madhur; Chakravarty, Sambuddho (Advisor)
Cyberwarfare remains a sparsely explored domain of cybersecurity research. It most often involves targeted attacks by one nation against another using botnets, whose malware launches various kinds of attacks against the targets, ranging from exploiting vulnerabilities and launching Distributed Denial of Service (DDoS) attacks to various forms of traffic interception.
A powerful nation could use network cartography techniques to identify key locations within its own territory where it could install defenders that intercept illegitimate traffic. More specifically, the government may use network tomography to identify a relatively small number of Autonomous Systems (ASes) that together intercept a large fraction of network paths (and potentially a large fraction of network traffic).
In our research, we use network tomography to construct such large-scale network maps, which can be used to identify a Cyber Defense Line (viz., a collection of strategically important ASes that intercept all the network paths of the country) for installing defenders to prevent various kinds of targeted attacks (such as DDoS). These defenders would intercept the traffic of a large fraction of users based on their location, and thereby a large fraction of network traffic. We study how well such defenders can prevent an attacker from crippling critical networked services, such as financial institutions and defence sites, based on their network locations.
For our analysis, we selected 9 different countries (including China and India) and found the "Cyber defence line" for the aforementioned network services, for DNS infrastructure and for the full country network map. We found that the countries are significantly similar in network structure, viz., all have a hierarchical structure. For all sample countries, a handful of ASes intercept roughly 90% or more of all intra-country AS paths. For example, in India only 4 ASes capture more than 95% of the network paths. Interestingly, this holds whether ASes are selected by customer degree, cone size, peer degree or other AS properties. Finding cuts in a country's AS topology is only meaningful when one aims to intercept 100% of paths with the cut. Our results reveal that, for the majority of our sample countries, the boundary ASes (those that peer with ASes outside the country) capture more than 99% of paths, whereas intercepting 100% of paths requires a considerably larger number of ASes (for example, in China 9 ASes intercept over 90% of the paths, 90 ASes are needed for 99% and 213 ASes for 100%).
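The selection step described above, choosing a small set of ASes that together sit on a large fraction of a country's AS paths, is an instance of the hitting-set problem: the minimum solution is NP-hard, but the greedy rule (always add the AS that newly intercepts the most paths) is the standard approximation. The block below is an added example, not the thesis's code or data, and the page does not say which selection method the thesis used: it runs that greedy rule over a constructed toy topology of eleven ASes and twelve AS paths, reports the interceptor sets needed for 90%, 99% and 100% coverage, and compares them with simply ranking ASes by neighbour degree, one of the AS properties the abstract mentions.

```python
from collections import defaultdict
from typing import Dict, Iterable, List, Sequence, Set, Tuple

Path = Tuple[str, ...]

# Constructed sample AS-level paths for a toy country; not data from the thesis.
# T1/T2 stand for core transit ASes, R1..R3 for regional providers, L1..L6 for stubs.
PATHS: List[Path] = [
    ("L1", "L2"),                              # direct stub-to-stub peering
    ("L1", "R1", "T1", "R2", "L3"),
    ("L1", "R1", "T1", "R2", "L4"),
    ("L2", "R1", "T1", "R2", "L3"),
    ("L1", "R1", "T1", "T2", "R3", "L5"),
    ("L2", "R1", "T1", "T2", "R3", "L6"),
    ("L3", "R2", "L4"),
    ("L3", "R2", "R3", "L5"),
    ("L4", "R2", "R3", "L6"),
    ("L5", "L6"),                              # another path that avoids every hub
    ("L3", "R2", "T1", "R1", "L2"),
    ("L4", "R2", "R3", "L5"),
]


def paths_through(paths: Sequence[Path]) -> Dict[str, Set[int]]:
    """Map each AS to the indices of the paths it lies on."""
    index: Dict[str, Set[int]] = defaultdict(set)
    for i, path in enumerate(paths):
        for asn in path:
            index[asn].add(i)
    return index


def coverage(paths: Sequence[Path], interceptors: Iterable[str]) -> float:
    """Fraction of paths that traverse at least one chosen AS."""
    chosen = set(interceptors)
    return sum(1 for p in paths if chosen.intersection(p)) / len(paths)


def greedy_interceptors(paths: Sequence[Path], target: float) -> List[str]:
    """Greedy hitting set: add the AS that newly intercepts the most paths until the
    covered fraction reaches target. Ties go to the AS on more paths overall, then
    to the alphabetically first name, so the result is deterministic."""
    index = paths_through(paths)
    uncovered = set(range(len(paths)))
    chosen: List[str] = []
    while len(paths) - len(uncovered) < target * len(paths):
        best = max(sorted(index),
                   key=lambda a: (len(index[a] & uncovered), len(index[a])))
        if not index[best] & uncovered:
            break                               # no AS adds anything more
        chosen.append(best)
        uncovered -= index[best]
    return chosen


def rank_by_degree(paths: Sequence[Path]) -> List[str]:
    """Rank ASes by number of distinct neighbours seen on the paths, a topological
    proxy comparable to the customer/peer degree properties the abstract mentions."""
    neighbours: Dict[str, Set[str]] = defaultdict(set)
    for path in paths:
        for a, b in zip(path, path[1:]):
            neighbours[a].add(b)
            neighbours[b].add(a)
    return sorted(neighbours, key=lambda a: (-len(neighbours[a]), a))


def report(paths: Sequence[Path] = PATHS) -> Dict[str, Tuple[List[str], float]]:
    out: Dict[str, Tuple[List[str], float]] = {}
    for target in (0.9, 0.99, 1.0):
        chosen = greedy_interceptors(paths, target)
        out[f"greedy_{target}"] = (chosen, coverage(paths, chosen))
    top3 = rank_by_degree(paths)[:3]
    out["degree_top3"] = (top3, coverage(paths, top3))
    return out


if __name__ == "__main__":
    for name, (ases, frac) in report().items():
        print(f"{name}: {ases} -> {frac:.3f}")
```

On this toy data the greedy set reaches 11 of 12 paths with three ASes while the three highest-degree ASes reach only 10 of 12, and the final path needs a stub AS because it bypasses every hub. That last step is the same effect the abstract reports at country scale: the jump from 99% to 100% interception costs far more ASes than the jump from 0 to 90%.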

Middleware systems and analytics for energy management in buildings
http://repository.iiitd.edu.in/xmlui/handle/123456789/613
Record updated: 2018-03-27T22:00:10Z; Issued: 2018-03-01
Arjunan, Pandarasamy; Singh, Amarjeet (Advisor); Singh, Pushpendra (Advisor)
As one of the largest consumers of overall energy, buildings have emerged as attractive targets for using information and communications technologies to advance large-scale sustainability goals. With the increasing availability and affordability of sophisticated sensing, control and computational methods, a variety of novel applications aimed at energy savings have been envisioned in the recent past. However, the centralized building management system currently used to manage building operations, with its inflexible and isolated subsystems, restricts the widespread development and deployment of novel energy management applications. In this thesis, we hypothesize that decentralized, flexible, and extensible software systems, together with novel applications and analytical techniques, would improve the energy efficiency of buildings. To support our hypothesis, we present the architecture, design, development, and experimental validation of middleware systems for building energy management which enable 1) decentralized management of building resources involving different stakeholders, including occupants, in control decisions and energy management policies, by providing appropriate fine-grained access-control mechanisms; 2) flexible interfaces for integrating existing and retrofitted sensing and control systems, and suitable software representations for accessing and managing their operations, e.g. the spatio-hierarchical relationships specific to buildings; and 3) an extensible automation framework for developing and deploying energy management applications, involving simple and advanced sensor data processing methods for extracting detailed insights into the operational context of the building, and suitable programming abstractions for developers.
We evaluate these systems through multiple real-world deployments in our test-bed buildings across the world, covering varied categories of functionality, operations and users, and hundreds of heterogeneous sensor data streams. On top of this, we also implemented several practical applications, ranging from detecting deviations in the energy usage of building subsystems to inferring fine-grained building context from proxy sources. The practical usability of the system was also evaluated through a user study. In summary, this thesis attempts to present a holistic software ecosystem and novel applications by bringing the three major entities in buildings, devices, computational methods, and humans, closer together towards optimal energy management.