Recently Written Papers
Given below is a list of my recent papers. All of these are unpublished
as of now. I believe that reading these papers is the best way to evaluate my
PhD candidature while keeping in mind that I did almost all of my work
independently.
1. Vipul Goyal, "Certificate Revocation using Fine Grained Certificate Space Partitioning"
This is a new certificate revocation technique. The basic idea is to
divide the certificate space into a number of
partitions. Each day, either a partition would expire or be renewed by the CA
by exposing a hash chain link. The number of partitions is the key parameter
in our scheme and represents a tradeoff between the CA to Directory
communication and the query communication. It is possible to strike the right
balance between these two communication costs by choosing the number of
partitions intelligently. We demonstrate that in the case of a distributed CA
having a number of directories to answer the user queries, the overall system
communication cost is lower in our scheme as compared to CRS, CRT and CRL.
(pdf)
Note: This paper was updated on 20 Jan, 2005 to include an improvement to the Crypto'98 scheme by Aiello et al. I relax the assumption that all the certificates are created on the same day and that no further certificates will be added.
2. Vipul Goyal, "Construction and Traversal of Hash Chains with public links"
Present hash chain traversal techniques require that the intermediate hash
chain links be stored secretly on a trusted storage. This may be an
unrealistic assumption in scenarios like Lamport's One Time Password system.
We design a new construction of hash chains in which the intermediate links
may be made public and be stored on a non-trusted device. Interestingly, we
also propose a method to apply present hash chain traversal techniques to our
construction without any significant changes in the computational and storage
requirements. We achieve provable security by replacing the hash function with
a MAC function like HMAC. (pdf)
3. Vipul Goyal, Virendra Kumar, Mayank Singh, "A New Architecture for Address Resolution".
This is a new and provably secure method to solve the long-standing
problem of ARP cache poisoning. For maintaining efficiency, only
collision resistant hash functions are used throughout and no PKC is employed.
The technique is based on the use of Merkle trees and a secure broadcast
authentication protocol such as TESLA. Further, our system does not require
the periodic refreshing of ARP cache mappings as in traditional ARP.
(pdf)
4. Vipul Goyal, "Bulk Message Signing".
This is a signature scheme for servers which handle a large number of
digital signature generations per second. We sign a set of messages with
just a single signature generation and a number of hash function
computations to significantly reduce the computational requirements of the
system. With this technique, a system which was earlier able to handle
only, say, 20 signature generations per second will be able to handle
approximately 50,000 signature generations per second.
The downside is the slight increase in signature length and response time.
This technique can be profitably employed in payment systems, e-banking /
e-commerce, signing routing messages, OCSP, etc., resulting in significant
cost reduction for the server. We also include a proof of security.
(pdf)