List of Publications

Note:-This list is likely to be significantly updated in Mid-Jan. For an updated list, please visit again.

To download my recent papers, go here.

Under Preparation

1.      A Full-fledged Digital Signature Scheme using Hash Functions only
Short Abstract: I am working towards the construction of a full fledged (i.e. with no limits on the number of signatures that can generated) signature scheme using hash functions (without trapdoors) only. Such a scheme was designed by Merkle in 1987 using infinitely growing one time signature trees. However, this scheme was of theoretical interest only due to high computation, storage and signature size. My approach is based on an infinitely growing set of interconnected Merkle trees. As we generate more and more signatures, new Merkle trees are simultaneously constructed and added to the set. I provide a computation and storage tradeoff with which, it is possible to compute a signature with as low as 300 hash function evaluations, all of which may be done offline. Apart from being efficient, such signatures do not require any number theoretic assumptions and are secure even against quantum computers.

2.   How to Cheat the Cheater or Probabilistic-Information Leakage
Short Abstract: This is an interesting new problem being considered. Often, cryptanalysis is possible because the adversary can usually identify the correct {key, plaintext} pair when obtained (as plaintext obtained with incorrect keys is usually garbage). We suggest that the encryption algorithms be designed in such a way that for every ciphertext, there are multiple {key, plaintext} pairs which make sense to the adversary. While Shannon's perfect secrecy concept is concerned with message secrecy, we are concerned with key secrecy.

Papers Accepted/Published

1.  Vipul Goyal, Ajith Abraham, Sugata Sanyal, "Cryptographic Signature Schemes in the Quantum Computing World", Progress in Quantum Cryptography Research, Frank Columbus (Ed.), Nova Science Publishers, USA.

2.  Vipul Goyal, "Certificate Revocation using Fine Grained Certificate Space Partitioning", The First Information Security Practice and Experience Conference (ISPEC 2005), Singapore, April 2005, Lecture Notes in Computer Science, Springer-Verlag.        (Acceptance Rate: 40/120)

3.  Vipul Goyal, "Construction and Traversal of Hash Chains with public links", The First Information Security Practice and Experience Conference (ISPEC 2005), Singapore, April 2005, Lecture Notes in Computer Science, Springer-Verlag.        (Acceptance Rate: 40/120)

4.  Vipul Goyal, Virendra Kumar, Mayank Singh, "An Efficient Solution for the ARP Cache Poisoning Problem", The First Information Security Practice and Experience Conference (ISPEC 2005), Singapore, April 2005, Lecture Notes in Computer Science, Springer-Verlag.        (Acceptance Rate: 40/120)

5.  Vipul Goyal, "Extending CRS for Real Time Revocation Information", 20th International IFIP Conference on Information Security (SEC-2005), Japan, May 2005, Kluwer.        (Acceptance Rate: 29 %)

6.  Vipul Goyal, Virendra Kumar, Mayank Singh, Ajith Abraham, Sugata Sanyal, "CompChall: Addressing Password Guessing Attacks", Information Assurance and Security Track (IAS'05), IEEE International Conference on Information Technology: Coding and Computing (ITCC'05), USA, April 2005, IEEE Computer Society.

7.  Vipul Goyal, Ajith Abraham, Sugata Sanyal, Sang Yong Han, "The N/R One Time Password System",  Information Assurance and Security Track (IAS'05), IEEE International Conference on Information Technology: Coding and Computing (ITCC'05), USA, April 2005, IEEE Computer Society.

8.  Vipul Goyal, Virendra Kumar, Mayank Singh, "Fighting Spam: An Origin Server Authentication Based Approach", 4th IEEE International Conference on Networking (ICN 2005), Reunion Island, April 2005, Lecture Notes in Computer Science, Springer-Verlag.

9.  Vipul Goyal, “Fast Digital Certificate Revocation”, Proceedings of 19th International IFIP Conference on Information Security (SEC-2004), held as part of IFIP World Computer Congress (WCC-2004), Toulouse, France, August 2004, pp 489-500, Kluwer.     (Acceptance Rate: 22 %. Also got the conference fellowship of 1,500 Euro for attending the conference)

10. Vipul Goyal, "On Encryption by Microprocessors", 3rd International Trusted Internet Workshop (TIW-2004), held in conjunction with 11th International Conference on High Performance Computing (HiPC-2004), Bangalore, India, Dec 2004.     (Acceptance Rate: 30 %)

11. Vipul Goyal, "Soft Enforcement of Access Control Policies in Distributed Environments", Poster Proceedings of 11th International Conference on High Performance Computing (HiPC-2004), Bangalore, India, Dec 2004.

12. Vipul Goyal, “A One Time Password System”, 7th International Conference on Information Technology (CIT-2004), Hyderabad, India, Dec 2004, pp. 287-293.    (Acceptance Rate: 26 %)

13. Omkant Pandey, Vipul Goyal, “Cache Poisoning in S-ARP and modifications”, 5th International Conference on Information & Computer Science (ICICS-2004), Saudi Arabia, Nov 2004.    (Acceptance Rate: 49 %)

14. Vipul Goyal, “Certificate Revocation Lists or Online Mechanisms?”, Proceedings of the 2nd International Workshop on Security in Information Systems (WOSIS-2004), held in conjunction with 6th International Conference on Enterprise Information Systems (ICEIS-2004), Portugal, April 2004, pp. 261-268.    (Acceptance Rate: 48 %)

15. Vipul Goyal, Sugata Sanyal, Dharma P. Agarwal, "Vcache: Caching Dynamic Documents", Proceedings of the 6th International Conference on Information Technology (CIT-2003), India, Dec 2003, pp. 338-342.    (Acceptance Rate: 29 %)

Papers under Submission

1.      Vipul Goyal, "Bulk Message Signing".
This is a signature scheme for servers which handle a large number of digital signature generations per second. We sign a set of messages with just a single signature generation and a number of hash function computation to significantly reduce the computational requirements of the system. With this technique, a system which was earlier able to handle only say 20 signature generations per seconds will be able to handle approximately 50,000 signature generations per second. The downside is the slight increase in signature length and response time. This technique can be profitably employed in payment systems, e-banking / e-commerce, signing routing messages and OCSP etc to result in significant cost reduction for the server. We also include a proof of security.

2.   Vipul Goyal, "Password Based Authentication without Public Key Cryptography".
A new password based authentication system using one way hash functions is designed. The system is secure against both active and passive adversaries as well as server password file compromise. It does not have the problems associated with Lamport's OTP scheme and is especially suitable for mobile devices.

3.   Vipul Goyal, "More Efficient Server Assisted One Time Signatures".
The recently designed server assisted one time signature scheme had the problems of high storage requirements for the virtual server and high memory requirements for the mobile client. We significantly reduce these requirements. This is done by employing a new dispute resolution technique and generating the OTS keys pseudorandomly.

4.   Vipul Goyal, "How to Re-initialize a Hash Chain".
Currently, hash chains suffer from the limitation that they have a finite number of links which when exhausted requires the system to be re-initialized. We construct a new kind of hash chain called a Re-initializable Hash Chain (RHC) having the property that if its links are exhausted, it can be securely re-initialized in a non-repudiable manner to result in another RHC.
Recently, an improvement to this construction was proposed by Zhao and Li (available at http://eprint.iacr.org/2005/011)