Sushmita Ruj

Indian Institute of Technology Indore | IITI · Department of Computer Science and Engineering

108 Publications
18,258 Reads
3,763 Citations

Publications (108)
Article
Data owners upload large files to cloud storage servers, but malicious servers may potentially tamper data. To check integrity of remote data, Proof of Retrievability (PoR) schemes were introduced. Existing PoR protocols assume that data owners and third-party auditors are honest and audit only the potentially malicious cloud server to check integr...
Preprint
A vaccine passport serves as documentary proof, providing passport holders with greater freedom while roaming around during pandemics. It confirms vaccination against certain infectious diseases like COVID-19, Ebola, and flu. The key challenges faced by the digital vaccine passport system include passport forgery, unauthorized data access, and inac...
Chapter
A sparse Merkle tree is a Merkle tree with fixed height and indexed leaves given by a map from indices to leaf values. It allows for both efficient membership and non-membership proofs. It has been widely used as an authenticated data structure in various applications, such as layer-2 rollups for blockchains. zkSync Lite, a popular Ethereum layer-2...
Article
Industrial Internet of Things (IIoT) opens up a challenging research area towards improving secure data sharing which currently has several limitations. Primarily, the lack of inbuilt guarantees of honest behavior of participating, such as end-users or cloud behaving maliciously may result in disputes. Given such challenges, we propose a fair, acco...
Chapter
Apart from creating a billion-dollar worth of cryptocurrency ecosystem, Bitcoin revolutionized the whole domain of cryptocurrencies, and it largely influenced many other application areas (e.g., healthcare, supply-chain management, real estate) with its underlying technologies such as blockchain, consensus algorithms, and decentralized data managem...
Chapter
Many blockchain protocols suffer from scalability issues. One way to improve the scalability of existing solutions is to improve the underlying consensus algorithms. Another way is to carry out off-chain transactions in such a way that the interaction with the underlying blockchain is minimized. This class of solutions is known as layer 2 solutions...
Chapter
In this work, we study hybrid exact/relaxed zero-knowledge proofs from lattices, where the proved relation is exact in one part and relaxed in the other. Such proofs arise in important real-life applications such as those requiring verifiable PRF evaluation and have so far not received significant attention as a standalone problem. We first introduc...
Preprint
Tabular data sharing serves as a common method for data exchange. However, sharing sensitive information without adequate privacy protection can compromise individual privacy. Thus, ensuring privacy-preserving data sharing is crucial. Differential privacy (DP) is regarded as the gold standard in data privacy. Despite this, current DP methods tend t...
Article
A Fair Digital Exchange is defined as either all or none of the participants achieving a (predetermined) desirable outcome. This work addresses third party mediated systems for digital content where mutually unknown, and hence non-trusting, buyers, sellers and the mediator (third party) take part in an exchange protocol. We address the lack of guar...
Chapter
Security and privacy issues with centralized exchange services have motivated the design of atomic swap protocols for decentralized trading across currencies. These protocols follow a standard blueprint similar to the 2-phase commit in databases: (i) both users first lock their coins under a certain (cryptographic) condition and a timeout; (ii-a) t...
Article
In the age of cloud computing, cloud users with a limited amount of storage can outsource their data to remote servers. The cloud servers, in lieu of monetary benefits, offer retrievability of their clients' data at any point of time. A client's data can be dynamic (or static) in nature depending on whether the client can (or cannot) update the upl...
Preprint
We study cascading failures in smart grids, where an attacker selectively compromises the nodes with probabilities proportional to their degrees, betweenness, or clustering coefficient. This implies that nodes with high degrees, betweenness, or clustering coefficients are attacked with higher probability. We mathematically and experimentally analyz...
Chapter
Technology has developed over the years, making our lives easier. The healthcare sector has benefited from the advancement in technology, leading to an increase in the average life expectancy of human beings. However, there are several problems with the way the sector functions. There is a lack of transparency in the healthcare system, which result...
Article
The astounding growth of the Internet has generated digital asset extensively. Users are concerned about asset management so that the asset can be conveyed successfully to the descendent posthumously. Very few works have addressed designing and modeling of digital asset inheritance (DAI) from a technical design perspective. They have several inhere...
Preprint
Payments routed in Lightning Network are susceptible to a griefing attack. In this attack, the channels get blocked, and the affected parties cannot process any payment request. Our work is the first to analyze griefing attacks in Hashed Timelock Contract or HTLC, from a game-theoretic point of view. Using the same model, we analyze a...
Article
The infection rate of COVID-19 and the rapid mutation ability of the virus has forced governments and health authorities to adopt lockdowns, increased testing, and contact tracing to reduce the virus’s spread. Digital contact tracing has become a supplement to the traditional manual contact tracing process. However, although several digital contact...
Chapter
In this paper, we study the role of nodes and edges in a complex network in dictating the robustness of a community structure toward structural perturbations. Specifically, we attempt to identify all vital nodes, which, when removed, would lead to a large change in the underlying community structure of the network. This problem is critical because...
Article
Payment Channel Networks or PCNs solve the problem of scalability in Blockchain by executing payments off-chain. Due to a lack of sufficient capacity in the network, high-valued payments are split and routed via multiple paths. Existing multi-path payment protocols either fail to achieve atomicity or are susceptible to wormhole attack. We propose a...
Article
Hashed Timelock Contract (HTLC) in Lightning Network is susceptible to a griefing attack. An attacker can block several channels and stall payments by mounting this attack. A state-of-the-art countermeasure, Hashed Timelock Contract with Griefing-Penalty (HTLC-GP) is found to work under the classical assumption of participants being either honest o...
Article
Permissioned Blockchain has become quite popular with enterprises forming consortium since it prioritizes trust over privacy. One of the popular platforms for distributed ledger solution, Hyperledger Fabric, requires a transaction to be endorsed or approved by a group of special members known as endorsers before undergoing validation. To endorse a...
Preprint
Technology has evolved over the years, making our lives easier. It has impacted the healthcare sector, increasing the average life expectancy of human beings. Still, there are gaps that remain unaddressed. There is a lack of transparency in the healthcare system, which results in inherent trust problems between patients and hospitals. In the presen...
Preprint
The infection rate of COVID-19 and lack of an approved vaccine has forced governments and health authorities to adopt lockdowns, increased testing, and contact tracing to reduce the spread of the virus. Digital contact tracing has become a supplement to the traditional manual contact tracing process. However, although there have been a number of di...
Preprint
Content sharing platforms such as Youtube and Vimeo have promoted pay per view models for artists to monetize their content. Yet, artists remain at the mercy of centralized platforms that control content listing and advertisement, with little transparency and fairness in terms of number of views or revenue. On the other hand, consumers are distance...
Preprint
The Indian Personal Data Protection Bill 2019 provides a legal framework for protecting personal data. It is modeled after the European Union's General Data Protection Regulation (GDPR). We present a detailed description of the Bill, the differences with GDPR, the challenges and limitations in implementing it. We look at the technical aspects of the...
Preprint
Payment Channel Networks or PCNs have gained prominence ensuring faster relaying of transactions. However, this Layer-two solution has its own fair share of problems. Topological analysis on Lightning Network reveals that Griefing Attack is a major problem whereby an adversary intentionally exhausts the channel capacity of the network. It can be us...
Preprint
Payment protocols developed to realize off-chain transactions in Payment channel network (PCN) assume the underlying routing algorithm transfers the payment via a single path. However, a path may not have sufficient capacity to route a transaction. It is inevitable to split the payment across multiple paths. If we run independent instances of the...
Preprint
Payment channel networks (PCN) are used in cryptocurrencies to enhance the performance and scalability of off-chain transactions. Except for opening and closing of a payment channel, no other transaction requests accepted by a PCN are recorded in the Blockchain. Only the parties which have opened the channel will know the exact amount of fund left...
Preprint
We address the problem of fairness and transparency in online marketplaces selling digital content, where all parties are not actively participating in the trade. We present the design, implementation and evaluation of VADER, a highly scalable solution for multi-party fair digital exchange that combines the trusted execution of blockchains with int...
Article
Cloud service providers offer various facilities to their clients. The clients with limited resources opt for some of these facilities. They can outsource their bulk data to the cloud server. The cloud server maintains these data in lieu of monetary benefits. However, a malicious cloud server might delete some of these data to save some space and o...
Preprint
A symmetric searchable encryption (SSE) scheme allows a client (data owner) to search on encrypted data outsourced to an untrusted cloud server. The search may either be a single keyword search or a complex query search like conjunctive or Boolean keyword search. Information leakage is quite high for dynamic SSE, where data might be updated. It has...
Chapter
A symmetric searchable encryption (SSE) scheme allows a client (data owner) to search on encrypted data outsourced to an untrusted cloud server. The search may either be a single keyword search or a complex query search like conjunctive or Boolean keyword search. Information leakage is quite high for dynamic SSE, where data might be updated. It has...
Article
The transition of visual secret sharing from a black & white secret image to a color image is not straight-forward. There are several models of color superposition principle. In this paper we present color visual cryptographic scheme realizing monotone access structure. We first give a generic construction method to share a color image in same colo...
Preprint
Data owners upload large files to cloud storage servers, but malicious servers may potentially tamper data. To check integrity of remote data, Proof of Retrievability (PoR) schemes were introduced. Existing PoR protocols assume that data owners and third-party auditors are honest and audit only the potentially malicious cloud server to check integr...
Preprint
Link Prediction is an important and well-studied problem for social networks. Given a snapshot of a graph, the link prediction problem predicts which new interactions between members are most likely to occur in the near future. As networks grow in size, data owners are forced to store the data in remote cloud servers which reveals sensitive informa...
Preprint
Data is of unprecedented importance today. The most valuable companies of today treat data as a commodity, which they trade and earn revenues. To facilitate such trading, data marketplaces have emerged. Present data marketplaces are inadequate as they fail to satisfy all the desirable properties - fairness, efficiency, security, privacy and adheren...
Preprint
Permissioned Blockchain has become quite popular with enterprises forming consortium since it prioritizes trust over privacy. One of the popular platforms for distributed ledger solution, Hyperledger Fabric, requires a transaction to be endorsed or approved by a group known as endorsers as per the specifications in the endorsement policy. To endors...
Chapter
Nowadays organizations and individuals outsource computation and storage to cloud. This poses a threat to the privacy of users. Different users encrypt their private data with (possibly) different keys to prevent any kind of outside attack on their privacy. In this outsourced model of computation where the data owners have already encrypted and upl...
Conference Paper
Cloud users (clients) with limited storage capacity at their end can outsource bulk data to the cloud storage server. A client can later access her data by downloading the required data files. However, a large fraction of the data files the client outsources to the server is often archival in nature that the client uses for backup purposes and acce...
Article
Bitcoin cryptocurrency system enables users to transact securely and pseudo-anonymously by using an arbitrary number of aliases (Bitcoin addresses). Cybercriminals exploit these characteristics to commit immutable and presumably untraceable monetary fraud, especially via ransomware; a type of malware that encrypts files of the infected system and d...
Preprint
Cloud computing enables users (clients) to outsource large volume of their data to cloud servers. Secure distributed cloud storage schemes ensure that multiple servers store these data in a reliable and untampered fashion. We propose an idea to construct such a scheme for static data by encoding data blocks (using error-correcting codes) and then a...
Preprint
Bitcoin cryptocurrency system enables users to transact securely and pseudo-anonymously by using an arbitrary number of aliases (Bitcoin addresses). Cybercriminals exploit these characteristics to commit immutable and presumably untraceable monetary fraud, especially via ransomware; a type of malware that encrypts files of the infected system and d...
Preprint
Cloud users (clients) with limited storage capacity at their end can outsource bulk data to the cloud storage server. A client can later access her data by downloading the required data files. However, a large fraction of the data files the client outsources to the server is often archival in nature that the client uses for backup purposes and acce...
Preprint
Cloud servers offer data outsourcing facility to their clients. A client outsources her data without having any copy at her end. Therefore, she needs a guarantee that her data are not modified by the server which may be malicious. Data auditing is performed on the outsourced data to resolve this issue. Moreover, the client may want all her data to...
Conference Paper
We propose a real time authentication scheme for smart grids which improves upon existing schemes. Our scheme is useful in many situations in smart grid operations. The smart grid Control Center (CC) communicates with the sensor nodes installed in the transmission lines so as to utilize real time data for monitoring environmental conditions in orde...
Article
Bitcoin is a popular "cryptocurrency" that records all transactions in a distributed append-only public ledger called "blockchain". The security of Bitcoin heavily relies on the incentive-compatible distributed consensus protocol which is run by participants called "miners". In exchange of the incentive, the miners are expected to honestly maintai...
Preprint
Bitcoin is a popular cryptocurrency that records all transactions in a distributed append-only public ledger called blockchain. The security of Bitcoin heavily relies on the incentive-compatible proof-of-work (PoW) based distributed consensus protocol, which is run by network nodes called miners. In exchange for the incentive, the miners are expected...
Conference Paper
Browsers can detect malicious websites that are provisioned with forged or fake TLS/SSL certificates. However, they are not so good at detecting these websites if they are provisioned with mistakenly (or maliciously) issued certificates. Google proposed certificate transparency which is an open framework to monitor and audit certificates in real ti...
Article
Browsers can detect malicious websites that are provisioned with forged or fake TLS/SSL certificates. However, they are not so good at detecting malicious websites if they are provisioned with mistakenly issued certificates or certificates that have been issued by a compromised certificate authority. Google proposed certificate transparency which i...
Preprint
In the age of cloud computing, cloud users with limited storage can outsource their data to remote servers. These servers, in lieu of monetary benefits, offer retrievability of their clients' data at any point of time. Secure cloud storage protocols enable a client to check integrity of outsourced data. In this work, we explore the possibility of c...
Preprint
Cloud service providers offer various facilities to their clients. The clients with limited resources opt for some of these facilities. They can outsource their bulk data to the cloud server. The cloud server maintains these data in lieu of monetary benefits. However, a malicious cloud server might delete some of these data to save some space and o...
Article
We address two problems: firstly, we study a variant of block withholding (BWH) attack in Bitcoins and secondly, we propose solutions to prevent all existing types of BWH attacks in Bitcoins. We analyze the strategies of a selfish Bitcoin miner who in connivance with one pool attacks another pool and receives reward from the former mining pool for...
Conference Paper
Reputation boards are popular tools because of their useful information of products for consumers. In this paper, we propose a rating scheme for the reputation boards. The feature of our rating scheme is that it enables users to rate not only products but also their providers expressively by using digital signatures with predications on ratees. Fir...
Conference Paper
In this work we propose a scheme that could be used as an alternative to the existing proof of work (PoW) scheme for mining in Bitcoin P2P network. Our scheme ensures that the miner must do at least a non-trivial amount of computation for solving the computational problem put forth in the paper and thus solving a PoW puzzle. Here, we have proposed t...
Conference Paper
Bitcoin [24] is a fully decentralized electronic cash system. The generation of the proof-of-work in Bitcoin requires large amount of computing resources. However, this huge amount of energy is wasted as one cannot make something useful out of it. In this paper, we propose a scheme called Retricoin which replaces the heavy computational proof-of-wo...
Chapter
Cloud servers offer data outsourcing facility to their clients. A client outsources her data without having any copy at her end. Therefore, she needs a guarantee that her data are not modified by the server which may be malicious. Data auditing is performed on the outsourced data to resolve this issue. Moreover, the client may want all her data to...
Article
In the past few years, vehicular ad hoc networks (VANETs) were studied extensively by researchers. VANETs is a type of P2P network, though it has some distinct characters (fast moving, short lived connection etc.). In this paper, we present several limitations of current trust management schemes in VANETs and propose ways to counter them. We first re...
Article
We propose a new decentralized access control scheme for secure data storage in clouds that supports anonymous authentication. In the proposed scheme, the cloud verifies the authenticity of the series without knowing the user's identity before storing data. Our scheme also has the added feature of access control in which only valid users are able t...
Conference Paper
Jamming resistant communication mechanism is essential for reliable wireless communication. In this paper, we propose two channel hopping protocols using combinatorial designs for alleviating jamming attacks. One of these protocols is for unicast communication model and the other is aimed for multicast communication model. To the best of our knowle...
Article
We address pairwise and (for the first time) triple key establishment problems in wireless sensor networks (WSN). Several types of combinatorial designs have already been applied in key establishment. A BIBD(v, b, r, k, λ) (or t - (v, b, r, k, λ) design) can be mapped to a sensor network, where v represents the size of the key pool, b represents th...
Conference Paper
In smart power grid, power grid and communication network are connected and mutually dependent. The failure in power grid might cause failures in communication network, and vice versa. A tiny failure in either of them could trigger cascade of failures within the entire system. In this paper, we focus on understanding the structure of smart power gr...
Conference Paper
Current geocasting algorithms for VANETs are being designed to enable either private or reliable communications, but not both. Existing algorithms preserve privacy by minimizing the information used for routing, and sacrifice message delivery success. On the other hand, reliable protocols often store node information that can be used to compromise...
Conference Paper
An Unattended Wireless Sensor Network (UWSN) is a type of sensor network where a trusted sink visits each node periodically to collect the data. Due to the offline nature of this network, every node has to secure its data until the next visit of the sink which makes the network susceptible of attacks focusing on the data collected. In this work, we...
Article
We propose a decentralized security framework for smart grids that supports data aggregation and access control. Data can be aggregated by home area network (HAN), building area network (BAN), and neighboring area network (NAN) in such a way that the privacy of customers is protected. We use homomorphic encryption technique to achieve this. The con...
Conference Paper
In a mobile Unattended Wireless Sensor Network (UWSN), a trusted sink visits each sensor node periodically to collect data. Data has to be secured until the next visit of the sink. Securing the data from an adversary in UWSN with mobile nodes is a challenging task. We present two non-cryptographic algorithms (DS-PADV and DS-RADV) to ensure data surv...
Conference Paper
We propose techniques to secure smart homes using Physically Unclonable Functions (PUF). Physically Unclonable functions are objects which are unclonable and provide only one response when a challenge is presented. These are tamper-proof and cannot be manipulated without physically destroying them. Thus, they are alternatives to smart cards and bio...
Article
HC-128 is an eSTREAM final portfolio stream cipher. Several authors have investigated its security and, in particular, distinguishing attacks have been considered. Still, no one has been able to provide a distinguisher stronger than the one presented by Wu in the original HC-128 paper. In this paper we first argue that the keystream requirement in...
Article
In this paper, we propose a new privacy preserving authenticated access control scheme for securing data in clouds. In the proposed scheme, the cloud verifies the authenticity of the user without knowing the user's identity before storing information. Our scheme also has the added feature of access control in which only valid users are able to decr...
Article
We propose an integrated architecture for smart grids, that supports data aggregation and access control. Data can be aggregated by home area network, building area network and neighboring area network in such a way that the privacy of customers is protected. We use homomorphic encryption technique to achieve this. The consumer data that is collect...
Chapter
Wireless networks are more vulnerable to security threats than wired networks. Since sensors are resource constrained, the use of traditional cryptographic key management techniques is not practical. Hence keys are distributed in sensor nodes prior to their deployment. This method, called key predistribution, was investigated recently in a number o...
Conference Paper
We propose a new model for data storage and access in clouds. Our scheme avoids storing multiple encrypted copies of same data. In our framework for secure data storage, cloud stores encrypted data (without being able to decrypt them). The main novelty of our model is addition of key distribution centers (KDCs). We propose DACC (Distributed Access...
Conference Paper
Vehicular networks ensure that the information received from any vehicle is promptly and correctly propagated to nearby vehicles, to prevent accidents. A crucial point is how to trust the information transmitted, when the neighboring vehicles are rapidly changing and moving in and out of range. Current trust management schemes for vehicular network...
Conference Paper
Access control of message is required when certain selected vehicles are granted access to information, instead of all vehicles within communication range. In these situations an access policy (consisting of attributes as road situation and vehicle type) is built into the vehicle and messages are encrypted using these access policies. Only valid ve...
Conference Paper
In mission-critical activities, each user is allowed to access some specific, but not all, data gathered by wireless sensor networks. Yu et al recently proposed a centralized fine grained data access control mechanism for sensor networks, which exploits a cryptographic primitive called attribute based encryption (ABE). There is only one trusted aut...
Conference Paper
We address pairwise and (for the first time) triple key establishment problems in wireless sensor networks (WSN). We use combinatorial designs to establish pairwise keys between nodes in a WSN. A BIBD(v; b; r; k; λ) (or t - (v; b; r; k; λ)) design can be mapped to a sensor network, where v represents the size of the key pool, b represents the maxim...
Article
Detecting misbehavior (such as transmissions of false information) in vehicular ad hoc networks (VANETs) is a very important problem with a wide range of implications including safety related and congestion avoidance applications. We discuss several limitations of existing misbehavior detection schemes (MDS) designed for VANETs. Most MDS are concerned...
Conference Paper
Key management is an important area of research in Wireless Sensor Networks (WSN), because resource constraints make security protocols difficult to be implemented. Key predistribution, which involves preloading keys in sensor nodes, has been considered as the best solution when sensor nodes are battery powered and have to work unattended. We pro...
Article
Batch codes, introduced by Ishai, Kushilevitz, Ostrovsky and Sahai in [1], are methods for solving the following data storage problem: n data items are to be stored in m servers in such a way that any k of the n items can be retrieved by reading at most t items from each server, and that the total number of items stored in m servers is N. A Combin...
Article
We propose two deterministic key predistribution schemes in a wireless sensor network (WSN), in which sensor nodes are deployed randomly. Both the schemes are based on combinatorial designs, called partially balanced incomplete block designs (PBIBD). An important feature of our scheme is that every pair of nodes within communication range can commu...
Article
We propose a new grid-group deployment scheme in wireless sensor networks. We use combinatorial designs for key predistribution in sensor nodes. The deployment region is divided into square regions. The predistribution scheme has the advantage that all nodes within a particular region can communicate with each other directly and nodes which lie in...