Resume
Name |
Vipul Goyal |
E-mail address |
vipul.goyal@cse04.itbhu.org |
Alternate E-mail |
vipul_goyal1@yahoo.com |
Home Page |
www.oocities.org/vipul_goyal1/apply.htm |
Current Professional Status
|
Cryptography Research Analyst Offshore Security Partners Global, Mumbai |
List of Publications
Note:-This list is likely to be significantly updated in Mid-Jan. For an updated list, please visit again.
Under Preparation
1.
A Full-fledged Digital Signature Scheme using Hash Functions
only
Short Abstract: I am working towards the construction of a full fledged (i.e.
with no limits on the number of signatures that can generated) signature
scheme using hash functions (without trapdoors) only. Such a scheme was
designed by Merkle in 1987 using infinitely growing one time signature trees.
However, this scheme was of theoretical interest only due to high computation,
storage and signature size. My approach is based on an infinitely growing set
of interconnected Merkle trees. As we generate more and more signatures, new
Merkle trees are simultaneously constructed and added to the set. I provide a
computation and storage tradeoff with which, it is possible to compute a
signature with as low as 300 hash function evaluations, all of which may be
done offline. Apart from being efficient, such signatures do not require any
number theoretic assumptions and are secure even against quantum computers.
2.
How to Cheat the Cheater or Probabilistic-Information Leakage
Short Abstract: This is an interesting new problem being considered.
Often, cryptanalysis is possible because the adversary can usually identify
the correct {key, plaintext} pair when obtained (as plaintext obtained with
incorrect keys is usually garbage). We suggest that the encryption algorithms
be designed in such a way that for every ciphertext, there are multiple {key,
plaintext} pairs which make sense to the adversary. While Shannon's perfect
secrecy concept is concerned with message secrecy, we are concerned with key
secrecy.
Papers Accepted/Published
Book Chapters
1. Vipul Goyal, Ajith Abraham, Sugata Sanyal, "Cryptographic Signature Schemes in the Quantum Computing World", Progress in Quantum Cryptography Research, Frank Columbus (Ed.), Nova Science Publishers, USA.
Conference Publications
2. Vipul Goyal, "Certificate Revocation using Fine Grained Certificate Space Partitioning", The First Information Security Practice and Experience Conference (ISPEC 2005), Singapore, April 2005, Lecture Notes in Computer Science, Springer-Verlag. (Acceptance Rate: 40/120)
3. Vipul Goyal, "Construction and Traversal of Hash Chains with public links", The First Information Security Practice and Experience Conference (ISPEC 2005), Singapore, April 2005, Lecture Notes in Computer Science, Springer-Verlag. (Acceptance Rate: 40/120)
4. Vipul Goyal, Virendra Kumar, Mayank Singh, "An Efficient Solution for the ARP Cache Poisoning Problem", The First Information Security Practice and Experience Conference (ISPEC 2005), Singapore, April 2005, Lecture Notes in Computer Science, Springer-Verlag. (Acceptance Rate: 40/120)
5. Vipul Goyal, "Extending CRS for Real Time Revocation Information", 20th International IFIP Conference on Information Security (SEC-2005), Japan, May 2005, Kluwer. (Acceptance Rate: 29 %)
6. Vipul Goyal, Virendra Kumar, Mayank Singh, Ajith Abraham, Sugata Sanyal, "CompChall: Addressing Password Guessing Attacks", Information Assurance and Security Track (IAS'05), IEEE International Conference on Information Technology: Coding and Computing (ITCC'05), USA, April 2005, IEEE Computer Society.
7. Vipul Goyal, Ajith Abraham, Sugata Sanyal, Sang Yong Han, "The N/R One Time Password System", Information Assurance and Security Track (IAS'05), IEEE International Conference on Information Technology: Coding and Computing (ITCC'05), USA, April 2005, IEEE Computer Society.
8. Vipul Goyal, Virendra Kumar, Mayank Singh, "Fighting Spam: An Origin Server Authentication Based Approach", 4th IEEE International Conference on Networking (ICN 2005), Reunion Island, April 2005, Lecture Notes in Computer Science, Springer-Verlag.
9. Vipul Goyal, “Fast Digital Certificate Revocation”, Proceedings of 19th International IFIP Conference on Information Security (SEC-2004), held as part of IFIP World Computer Congress (WCC-2004), Toulouse, France, August 2004, pp 489-500, Kluwer. (Acceptance Rate: 22 %. Also got the conference fellowship of 1,500 Euro for attending the conference)
10. Vipul Goyal, "On Encryption by Microprocessors", 3rd International Trusted Internet Workshop (TIW-2004), held in conjunction with 11th International Conference on High Performance Computing (HiPC-2004), Bangalore, India, Dec 2004. (Acceptance Rate: 30 %)
11. Vipul Goyal, "Soft Enforcement of Access Control Policies in Distributed Environments", Poster Proceedings of 11th International Conference on High Performance Computing (HiPC-2004), Bangalore, India, Dec 2004.
12. Vipul Goyal, “A One Time Password System”, 7th International Conference on Information Technology (CIT-2004), Hyderabad, India, Dec 2004, pp. 287-293. (Acceptance Rate: 26 %)
13. Omkant Pandey, Vipul Goyal, “Cache Poisoning in S-ARP and modifications”, 5th International Conference on Information & Computer Science (ICICS-2004), Saudi Arabia, Nov 2004. (Acceptance Rate: 49 %)
14. Vipul Goyal, “Certificate Revocation Lists or Online Mechanisms?”, Proceedings of the 2nd International Workshop on Security in Information Systems (WOSIS-2004), held in conjunction with 6th International Conference on Enterprise Information Systems (ICEIS-2004), Portugal, April 2004, pp. 261-268. (Acceptance Rate: 48 %)
15. Vipul Goyal, Sugata Sanyal, Dharma P. Agarwal, "Vcache: Caching Dynamic Documents", Proceedings of the 6th International Conference on Information Technology (CIT-2003), India, Dec 2003, pp. 338-342. (Acceptance Rate: 29 %)
Papers under Submission
1.
Vipul Goyal, "Bulk Message Signing".
This is a signature scheme for servers which handle a large number of
digital signature generations per second. We sign a set of messages with just
a single signature generation and a number of hash function computation to
significantly reduce the computational requirements of the system. With this
technique, a system which was earlier able to handle only say 20 signature
generations per seconds will be able to handle approximately 50,000 signature
generations per second. The downside is the slight increase in signature
length and response time. This technique can be profitably employed in payment
systems, e-banking / e-commerce, signing routing messages and OCSP etc to
result in significant cost reduction for the server. We also include a proof
of security.
2. Vipul Goyal, "Password Based Authentication without Public
Key Cryptography".
A new password based authentication system using one way hash functions is
designed. The system is secure against both active and passive adversaries as
well as server password file compromise. It does not have the problems
associated with Lamport's OTP scheme and is especially suitable for mobile
devices.
3. Vipul Goyal, "More Efficient Server Assisted One Time
Signatures".
The recently
designed server assisted one time signature scheme had the problems of high
storage requirements for the virtual server and high memory requirements for
the mobile client. We significantly reduce these requirements. This is done by
employing a new dispute resolution technique and generating the OTS keys
pseudorandomly.
4. Vipul Goyal, "How to Re-initialize a Hash Chain".
Currently, hash chains suffer from the limitation that they have a finite
number of links which when exhausted requires the system to be re-initialized.
We construct a new kind of hash chain called a Re-initializable Hash Chain (RHC)
having the property that if its links are exhausted, it can be securely
re-initialized in a non-repudiable manner to result in another RHC.
Recently, an improvement to this construction was proposed by Zhao and Li
(available at
http://eprint.iacr.org/2005/011)
Conference Participations
1) Served as a Reviewer for
a) Information Assurance and Security
Track (IAS'05), IEEE International Conference on Information Technology (ITCC
2005), Nevada, USA, 2005
b) Ninth IEEE Symposium on Computers and
Communications, Egypt, 2004
c) International Conference on Information &
Computer Science, Saudi Arabia, 2004
2) Attended the following conferences:
a) 5th International
Conference on Cryptology in India (Indocrypt-2004), Chennai
b) 11th International Conference on High Performance Computing (Hipc-2004),
Bangalore
c) 7th International Conference on Information Technology (CIT-2004),
Hyderabad
d) 19th International IFIP Conference on Information Security (SEC-2004),
France
e) 4th International Conference on Cryptology in India (Indocrypt-2003), New
Delhi
f) 10th International Conference on High Performance Computing (Hipc-2003),
Hyderabad
g) 6th International Conference on Information Technology (CIT-2003),
Bhubaneswar.
Academic Record (Absolute Scale)
DGPA :
8.07/10
GPA (Majors) : 8.46/10
12th Standard : 79.6 % (Science subjects - 93 %)
10th Standard : 80.8 % (Science & Mathematics - 94 %)
Industrial Experience
1. RemotePay™ Card – A New Internet Payment System
Abstract: This is a new electronic payment system. The only requirement
for the customer is to purchase a RemotePay payment card (available as scratch
cards) which will be made available at various outlets. This scheme does not
require the user to possess a credit-card or even a bank account. This system
is targeted at users in developing countries who do not possess a credit-card
or the users who are security sensitive and hesitate to give out their card
information on the internet. Using RemotePay Card, it is also possible for the
customer to make payment to the vendors which support credit cards as the only
payment mechanism. This is done by assigning the customers a temporary
credit-card number against the RemotePay card number. With a modification, the
scheme can be made to provide security against an un-trusted merchant. The
system security is based on a two system architecture, one connected but
having no secrets and the other having the system secrets but not connected to
the outside world.
This project is being done at OSP Global, Mumbai. I am one of
the main system designers. This product is scheduled to be launched in India
and China in April, 2005.
Awards and Achievements
Highest paid job offer in the 2003-2004 placement session on the campus at IT-BHU.
Secured 1st position in Open Software Contest in Technex-2003 (Technical festival and National Engineering Model Exhibition, IT-BHU) for "A Secure Electronic Payment System". This software was given the Malviya Best Software Award in Technex-2003.
Secured 1st position among 102 participants in my institute in the C/C++ Quiz organized by IEEE, IT-BHU Student Chapter in September-2002.
Secured 1st position in my institute in the Overnight Programming Contest organized by Computer Engineering Society in September-2002.
Secured 1st position in my institute in the Programming Contest Organized by IEE, IT-BHU Student Chapter in September-2001.
Nominated to represent IT-BHU in the Intel Student Research Contest 2003-2004.
Cleared IIT-JEE in the first attempt and was placed among the top 1 % of about 0.2 million students participating.
Ranked 92 out of 96,000 candidates in the first attempt in the Engineering Entrance Examination of U.P. State (MNR-2000).
Other Projects Completed
1) Caching Dynamically Generated Documents
B. Tech. Project
Guide: Prof KK Shukla, Deparment of Computer Science & Engg, IT-BHU
Abstract: Web caching is currently limited to static HTML documents. A dynamic document is generated on the fly from a server side script and may have different contents on different accesses and hence cannot be cached. However different instances of a dynamic document have large common HTML code sections in most cases. This fact was exploited to design a language independent and fully automatic caching technique for dynamic documents based on their decomposition into a hierarchy of templates and bindings. This decomposition is done at the server by parsing the source code of the server script and then using the branch flow statistics analysis technique. The templates can then be cached while bindings are non-cacheable. This approach reduces the response time, load on server and network bandwidth consumption for both client and server.
A preliminary version of this work was published in the Sixth International Conference on Information Technology. A full journal version is under preparation.
2) Summer Internship (May-June 2003)
Guide-
Prof Sharat Chandran
Department of Computer Science & Engg
Indian Institute of Technology, Bombay
"Fast Reconstruction 3D Objects with Radial Basis Functions using Fast Multipole Methods"
Abstract: The 3D object is represented with a single RBF. The RBF is found by interpolating the point cloud data representing the object. The interpolation problem is highly computationally intensive, however the storage and computation order can be highly reduced using FMM. GMRES iteration method coupled with FMM is used for solving the interpolation problem. The implementation of this technique was done in C++.
3) Summer Internship (May-June 2002)
Guide-
Prof Sharat Chandran
Department of Computer Science & Engg
Indian Institute of Technology, Bombay
a) Development of an interactive e-book on Machine Vision
Abstract: Each chapter in the book is presented in four stages Theory, Experiment, Demonstration and Analysis. The experiment part was implemented using Java Applets. I developed chapters on Compositing and Colors. The learner could read the theory part and then could play with various applets in experiment part to get a feel of the topic.
b) Online processing of course feedback forms and response statistics display using bar graphs
Abstract: The students taking a course could fill up the course feedback form on the web. The system could automatically draw several bar graphs for different sections and in different formats using the responses submitted by the students. CGI-PERL was used for server side processing and bar graphs were implemented as Java Applets. This system is practically being used by IIT Bombay for course feedback.
4) Programmable high precision calculation system
Guide-
Prof Arun K Agrawal
Department of Computer Science & Engg, IT-BHU
Abstract: This is a Fully Programmable Calculation System with facility of user defined size of numbers especially useful for Scientific and Statistical Uses. The user has the facility of programming the calculation system for his specific uses and to define custom functions. Since the program may use very large numbers, special care was given to designed efficient routines for calculation. This project was done in C++.
This project was presented in Technex-2002 and was also selected for Techfest-2002, IIT Bombay.
5) Pitgame
Abstract: This was done for Talisma Campus Challenge. The computer had to play either against a human or against another computer using a LAN. An efficient algorithm was designed for playing the game based on solution space search upto a user specified depth and an optimized static evaluation function. A Certificate of appreciation was awarded by Talisma for this project.
6) Secure-DOS
Abstract: This was a self initialized project. This was a security system in MS-DOS totally based on Terminate Stay Resident facilitating differential access rights to different users as in Unix. The access rights of each user (except root) were restricted to his/her home directory using this software. However, the system was found to have some security loopholes.
Software Written
A Secure Electronic Payment System (in Cgi-Perl and C++)
A Fully Programmable Scientific Calculation System with user defined size of numbers. Especially useful for making calculations on big numbers (e.g. 1000 digit long). An interpreter was also implemented to enable the user define her own custom functions. A GUI was also provided. (in C++)
Pit-game - A software to in which the user could play the "Pit-ball" game against the computer (in Java)
DOS based library implementing all common data structures in addition to graphics classes for making windows, menu, buttons etc. (in C++)
Online Course Feedback System - Currently being used at IIT Bombay for course evaluation (with Prof. Sharat Chandran, in Cgi-Perl and java)
E-book on machine vision – two chapters and java applets in the Machine Vision e-book project (with Prof. Sharat Chandran, in java)
Teaching and Membershipts
Served as the Lab Assistant for IEEE Programming Lab for 1st year students during the session 2002-2003.
A project contributor and a member of Comprehensive Perl Archive Network (CPAN).
Member of the Cryptographic Research Society of India (CRSI).
Co-founder of the Student Crypto Group, IT-BHU.
Advisors / Collaborators
1)
Prof Sugata Sanyal
(Coauthor, 4 papers)
Professor
School of Technology and Computer Science;
Tata Institute of Fundamental Research,
Mumbai, India
2)
Prof K K Shukla (B.Tech. Project Guide)
Professor and Head
Department of Computer Science & Engineering
Institute of Technology
Banaras Hindu University
India
3)
Prof Ajith Abraham (Co-author, 3 papers)
Distinguished Visiting Professor
Chung-Ang University
Korea
4)
Prof Dharma P Agarwal (Co-author, 1 paper)
Distinguished Professor
Department of ECECS
University of Cincinnati
USA
5)
Prof Arun K Agrawal (Advisor and helper for
various projects)
Professor
Department of Computer Science & Engineering
Institute of Technology
Banaras Hindu University
India
6)
Prof Sharat Chandran (Summer Internship Advisor)
Associate Professor
Department of Computer Science & Engineering
Indian Institute of Technology, Bombay
India
Go back to the apply home page