Susmita Mandal - Academia.edu
Papers by Susmita Mandal
Wireless Networks
Wireless body area networks are gaining popularity due to their innovative applications such as timely analysis, remote monitoring of patients' health, and high patient care quality. However, these healthcare systems that carry patients' physiological data need special attention for the security and privacy of information. Due to the openness of transmitted data, the healthcare system is prone to several adverse attacks. In this paper, a provably secure remote healthcare system is proposed based on the elliptic curve cryptosystem. The goal is to enable confidentiality and privacy of sensitive information by designing a certificateless authenticated key agreement protocol with low computational cost and higher security. The proposed scheme achieves anonymity, resistance to key escrow problems, and mutual authentication between the sensor nodes attached to patients and the application provider. Furthermore, the protocol undergoes formal security analysis using the random oracle model, and the soundness of the proposed scheme is validated using ProVerif. Finally, the performance analysis shows that the proposed scheme is efficient compared to existing methods.
ACCENTS Transactions on Information Security, 2017
Key exchange protocols enable two parties to communicate securely over an untrusted network by exchanging a shared secret among them. Authentication and privacy are the two primary objectives of network security, where privacy ensures that transmitted messages cannot be eavesdropped on. On the other hand, authentication assures that no unauthorized user can gain access maliciously. These two goals can be achieved simultaneously using an authenticated key exchange scheme, where two or more parties can share a common secret to transmit a message securely in an open network. Abundant work has been done in 3PAKE relevant to password-based authentication, traditional public key cryptosystem (PKC) and without server's public key
The paper proposes a multi-party key exchange scheme with Perfect Forward Secrecy (PFS) which ensures that a session key derived from a set of long-term public and private keys used in the protocol to authenticate, does not compromise the secrecy of session key. In this protocol, each group establishes a connection by communicating through a trusted third party. The trusted party, acting as a group controller, generates a public key and broadcasts it among the groups. Each group generates its public keys and sends them to the trusted party. After receiving all the keys, the group controller shares them among all the parties to generate the session key. Similarly, the group manager of each individual group communicates with the members of the corresponding group. The security of the proposed scheme is analysed rigorously and proved to be resistant against non-repudiation attack, replay attack, chosen cipher attack, and man-in-the-middle attack. The scheme has wider applications such as sending encrypted e-mail in a military environment to multiple users, securing submitted bid information in online tenders, contract signing by many organizations, etc.