Interpretation of formal proof for Cryptographic Protocols
Transcript of Interpretation of formal proof for Cryptographic Protocols
Abstract
Cryptography is the spinal cord for all security measures
involved in computing field so a lot of emphasis is required
to be given to make it strong enough to deal all the
transition of the security industry. We present a general
method to prove security properties of multiple
cryptographic protocols in an execution model where clients
exchange messages using multiple protocols against active
adversaries. The method discussed here allows to interpret
the logical formal proofs of cryptographic systems into their
computational equivalent. The security properties are
expressed in terms of logics, which are then interpreted in a
computational setup. Also, we further show that if the
statement is true for any symbolic execution then the
corresponding computational interpretation is widely
accepted in all forms. The messages between clients are
expressed in syntax form and do not require dealing with
asymptotic notations and probability distribution. This
paper provides a basic framework and edifice for extending
the protocol specification language with other
cryptographic primitives.
Keywords: Cryptographic protocols, Symbolic analysis,
Protocol logic, formal methods for security protocols.
I. Introduction
Cryptographic protocols are fundamental tool in the design
of secure distributed computing systems [3][4][7], but they
are also extremely hard to design and validate. The
difficulty of designing valid cryptographic protocols[1][5]
stems mostly from the fact that security properties[2] should
remain valid even when the protocol is executed in an
unpredictable adversarial environment, where some of the
clients (or an external entity) are maliciously attempting to
make the protocol deviate from its prescribed behavior.
Basically, Cryptographic protocols are coined in one of two
ways: [9][11][15]
A. Computational Model:
The computational model consists of following models:
Messages are considered as bit-strings[17];
The encryption operation[19] of message is a
concrete arithmetic;
Security is defined in terms of that a
computationally bounded[20][23] adversary can
only attack successfully with negligible probability;
Analysis of security is done by reduction.
B. Formal Model (“Dolev-Yao model”):
The formal model comprises of:
Abstracts cryptographic concepts into an algebra of
symbolic messages[9][12];
Messages are considered as formal expressions;
The encryption operation is only an abstract
function;
Security is modeled by formal formulas[14];
Analysis of security is done by formal reasoning.
This paper is divided into six parts. Starting with
introduction (Section-I), next section covers theoretical
experiment (Section-II). Moving ahead analysis model
(Section-III), related work has been described in
(Section-IV) and finally conclusion & future work has
been described in (Section-V & VI).
II. Theoretical Experiment
Example:
A→B: e = {xˋk}xk , mac(e, xmk) xˋk fresh
A sends to B a fresh key x′k encrypted under authenticated
encryption [22][23], implemented as encrypt-then-MAC.
x′k should remain secret.
Step 1: Initialization:
A→B: e = {xˋk}xk , mac(e, xmk) xˋk fresh
Q0= start(); new xr : keyseed; let xk : key= kgen(xr) in
new xˋr : mkeyseed; let xmk : mkey = mkgen(xˋr) in α(); (QA | QB)
Initialization of keys:
The process Q0 waits for a message on channel
start. The adversary triggers this process.
Interpretation of formal proof for Cryptographic Protocols into
Computational Model
Sanjay Kumar Sonkar1, Darmendra Lal Gupta
2, Dr. Anil Kumar Malviya
3, Ganesh Chandra
4, Vinod Kumar Yadav
5
1,4,5M. Tech. Student, Department of Computer Science & Engineering, Kamla Nehru Institute of Technology, Sultanpur, (U.P.) India 2Assistant Professor, Department of Computer Science & Engineering, Kamla Nehru Institute of Technology, Sultanpur, (U.P.) India 3Associate Professor, Department of Computer Science & Engineering, Kamla Nehru Institute of Technology, Sultanpur, (U.P.) India
E-mail: {[email protected], [email protected], [email protected], [email protected], [email protected] }
Sanjay Kumar Sonkar et al ,Int.J.Computer Technology & Applications,Vol 3 (2), 525-531
525
ISSN:2229-6093
Q0 generates encryption and MAC keys, xk and xmk
[2][6] respectively, using the key generation
algorithms kgen and mkgen.
Q0 returns control to the adversary by the output
α().
QA and QB represent the actions of A and B.
Step 2:
a) Role of A:
A→B: e = {xˋk}xk , mac(e, xmk) xˋk fresh
QA = βi ≤ n
CA(); new xˋk : key; new x″r :coins;
Let xm : bitstring = enc(k2b(xˋk), xk, x″r) in
CA<xm, mac(xm, xmk)>
βi ≤ n
represents n copies, indexes by i ϵ [1,n]
The protocol can be run n times (polynomial in the
security parameter [4]).
The process is triggered when a message is sent on
CA by the adversary.
The process chooses a fresh key xˋk and sends the
message on channel CA.
b) Role of B:
A→B: e = {xˋk}xk , mac(e, xmk) xˋk fresh
QB = βi ≤ n
CB(xˋm : bitstring, xma : macstring);
if veriry (xˋm , xmk , xma) than
let i ⊥ (k2b(x″k)) = dec (xˋm, xk) in CB()
n copies, as for QA.
The process QB waits for the message on channel
CB.
It verifies the MAC, decrypts and stores the key in
x″k.
Step 3: Indistinguishability as observational equivalence:
Two processes Q1, Q2 are observationally equivalent where
the adversary has a negligible probability of distinguishing
them:
Q1 ≈ Q2
In the formal definition, the adversary is represented by an
acceptable evaluation context C:: = C|Q & Q|C new
Channel c; C.
Observation equivalence is an equivalence relation.
It is contextual: Q1 ≈ Q2 implies C[Q] ≈ C[Q]
where C is any acceptable evaluation context.
Step 4: Proof Technique:
We transform a Game G0 into an observationally equivalent
[27][28] on using:
Observational equivalences: L ≈ R given as
axioms and that come from security assumptions
on primitives. These equivalences are used inside a
context:
G1 ≈ C[L] C[R] ≈ G2
Syntactic transformations: Simplification,
expansion of assignments,
We obtain a sequence of games G0 ≈ G1 ≈ … ≈ Gm, which
implies G0 ≈ Gm.
If some equivalence or trace property hold with
overwhelming probability in Gm, then it also hold with
overwhelming probability in G0.
Step 5: Security definition [1][2][9]:
A MAC scheme:
(Randomized) key generation function mkgen.
MAC function mac (m, k) takes as input a message
m and a key k.
Verification function verify(m, k, t) such that
Verify (m, k, mac (m, k)) = true.
A MAC guarantees the integrity and authenticity [26] of the
message because only someone who knows the secret key
can build the mac.
More formally, an adversary A that has oracle access to mac
and verify has a negligible probability to forge a MAC:
max Pr[verify (m, k, t) | k ← mkgen; (m, t) ← Amac (. , k), verify(. , k, .) ]
A
is negligible, when the adversary A has not called the mac
oracle on message m.
Step 6: Intuitive Implementation:
By the previous definition, up to neglible probability,
The adversary cannot forge a correct MAC.
So when verifying a MAC with verify (m, k, t) and
k ← mkgen is used only for generating and
verifying MACs, the verification can succeed only
if m is in the list (array) of message whose mac has
been computed by the protocol.
So we can replace a call to verify with an array
lookup:
If the call to mac is mac (x, k), we replace verify
(m, k, t) with find j ≤ N such that defined (x[j]) ˄
(m = x[j]) ˄ verify (m, k, t) then true else false.
Step 7: Formal implementation (1) [15]:
Verify (m, mkgen(r), mac(m, mkgen(r))) = true
βN″
new r : mkeyseed; (βN(x : bitstring) → mac(x, mkgen(r)),
βNˋ
(m : bitstring, t : macstring) → verify(m, mkgen(r), t))
≈
βN″
new r : mkeyseed; (βN(x : bitstring) → mac(x, mkgen(r)),
βNˋ
(m : bitstring, t : macstring) →
find j ≤ N such that defined(x[j]) ˄ (m = x[j]) ˄ verify(m,
mkgen(r), t) then true else false.
Formal implementation (2):
Verify (m, mkgen(r), mac(m, mkgen(r))) = true
βN″
new r : mkeyseed; (βN(x : bitstring) → mac(x, mkgen(r)),
βNˋ
(m : bitstring, t : macstring) → verify(m, mkgen(r), t))
Sanjay Kumar Sonkar et al ,Int.J.Computer Technology & Applications,Vol 3 (2), 525-531
526
ISSN:2229-6093
≈
βN″
new r : mkeyseed; (βN(x : bitstring) → macˋ(x, mkgenˋ(r)),
βNˋ
(m : bitstring, t : macstring) →
find j ≤ N such that defined(x[j]) ˄ (m = x[j]) ˄ verifyˋ(m,
mkgenˋ(r), t) then true else false.
The prover applies the previous rule automatically in any
(polynomial-time) context, perhaps containing several
occurrences of mac and verify following:
Each occurrence of mac is replaced with macˋ.
Each occurrence of verify is replaced with a
message key and find that looks in all arrays of
computed MACs.
Step 8: Proof of security properties:
a. One-session secrecy:
The adversary cannot distinguish any of the
secretes from a random number with one test query.
Criterion for proving one-session secrecy [19][21] of x:
X is defined by new x[i] : T and there is a set of
variables S such that only variables in S depend on x.
The output messages and the control-flow do not
depend on x.
b. Secrecy:
The adversary cannot distinguish the secrets from
independent random numbers with several test queries.
Criterion for proving secrecy of x:
Same as one-session secrecy, plus x[i] and x[iˋ] do
not come from the same copy of the same restriction when
i ≠ iˋ.
Step 9: Result:
In most cases, the prover succeeds in proving the
desired properties when they hold and obviously it always
fails to prove them when they do not hold.
Only cases in which the prover fails although the property
holds:
Needham-Schroeder [9][11] public-key when the
exchanged key is the nonce NA.
Needham-Schroeder shared-key: fails to prove that
NB [i] ≠ NB[iˋ]-1 with overwhelming probability,
where NB is a nonce.
III. Analysis Model
Deniable authentication protocols allow a Sender to
authenticate a message for a receiver, in a way that the
receiver cannot convince a third party that such
authentication (or any authentication) ever took place.
Deniable authentication has two characteristics that differ
from traditional authentication: One is that only the intended
receiver can authenticate the true source of a given message;
the other is that the receiver cannot provide the evidences to
prove the source of the message to a third party. A practical
secure deniable authentication protocol should have the
following properties: Completeness or authentication, strong
deniability, weak deniability, security of forgery attack,
security of impersonate attack, security of compromising
session secret attack, security of man-in-the-middle attack.
Figure 1: Analysis model of deniable authentication protocols with
Blanchet calculus
Generally deniable authentication protocol includes three
roles, Sender which is initiator, receiver which is responder
and third party, represented by Sender, Receiver and Third
party, respectively. We assume that Sender plays only on the
role of the initiator; Receiver plays only the role of
responder, Third party play only on the prover. The deniable
authentication protocol consists of a sequence of messages
exchanged between the Sender and the Receiver & the
Receiver and Third party. In deniable authentication
protocol Sender can authenticate a message for Receiver, in
a way that they cannot Receiver convince a Third party that
such authentication (or any authentication) ever took place.
Deniable authentication protocol has two characteristics that
differ from traditional authentication protocol. One is that
only the intended Receiver can authenticate the true source
of a given message. The other is that the Sender cannot
provide the evidences to prove the source of the message to
a third party at some condition and the Receiver can provide
the evidences to prove the source of the message to a third
party. The ability of adversary is defined in the previous
section. It can control the channel SR between Sender and
Receiver. It cannot control the channels: Channel ST and
channel RT. At the same time the adversary is a
probabilistic polynomial-time attacker.
Strong deniability:
The purpose of strong deniability is to protect the privacy of
Sender. After execution of the deniable authentication
protocol the Sender can deny to have ever authenticated
anything to Receiver. If the prover (Receiver or the any
other party) wants to prove that the Sender have
authenticated messages to Receiver, they must provide all
the relevant evidence. The Sender can provide his secret
information to the Third party. A adversary model in strong
deniability: we suppose that the Sender and the Receiver
cooperate with the judge or the prover or the any other party
Sanjay Kumar Sonkar et al ,Int.J.Computer Technology & Applications,Vol 3 (2), 525-531
527
ISSN:2229-6093
which means that the Sender and the Receiver provide all
the transcripts of the message in the deniable authentication
protocol to them.
If DAP satisfies the condition one and four in:
Inj-event (wholesender(Receiver, x)) = inj-event(wholeReceiver(Sender, x) )
Inj-event (wholeThirdparty(Receiver, x)) = inj-event(wholeThirdparty(Sender, x) )
Definition DAP and DAP’ satisfies the correspondence and
with public variables V = φ, then DAP is a secure deniable
authentication protocol with session in a adversary model in
strong deniability. In the above definition of DAP the
injective correspondence can be instead by non-injective
correspondence.
Weak deniability:
The purpose of weak deniability is to protect the privacy of
Sender. After execution of the deniable authentication
protocol the Receiver can prove to have spoken to Sender
but not the content of what the Sender authenticated in a
way that the Receiver cannot convince a third party.
Deniable Authentication Protocol
Security Properties
Active Adversary Model
Balnchet Calculus
Computational Model
Meng & Shao
Mechnized Model
Crypto Verification
Automated
Verification
Figure 2: Model of automatic verification of deniable authentication
protocols
If the Receiver want to prove that the Sender have
authenticated messages to Receiver, he must provide the
evidence related to the thing. An adversary model in weak
deniability: When discussing the weak deniability, in
addition the adversary has the ability in previous section; we
always suppose that only the Receiver generates the
evidence that the Sender have authenticated messages to
Receiver. Receiver cannot get the secret information of the
Sender, for example the private key of Sender. Receiver can
provide his secret information to the Third party.
If DAP’ satisfies the condition one in definition DAP and
DAP’ satisfies the correspondence:
Inj-event (wholesender(Receiver, x)) = inj-event(wholeReceiver(Sender, x) )
Inj-event (wholeThirdparty(Receiver, x)) = inj-event(wholeThirdparty(Sender, x) )
and with public variables V = φ, then DAP is a secure
deniable authentication protocol with session functions in a
adversary model in weak deniability. In the above definition
of DAP the injective correspondence can be instead by non-
injective correspondence.
Relating the Two Models:
In order to prove any relationship between the formal and
computational worlds, we need to define the interpretation
of expressions [8] and patterns. Once an encryption scheme
is depicted, we can define the interpretation function α,
which assigns to each expression or pattern M a family of
random variables {αη(M)}η∈N such that each αη(M) takes
values in strings. For expressions:
Blocks are interpreted as strings,
Each key is interpreted by running the key
generation algorithm,
Pairs are translated into computational pairs,
Formal encryptions terms are interpreted by
running the encryption algorithm.
Difference between Formal approach and
Computational approach [15]:
Our Contribution:
The primary contribution of this paper is that it tried to bring
about various concepts which are requisite for concrete
development in proofs of cryptography protocols and
remove the bottleneck reason for its failure. In particular, we
define the equivalence between formal messages in the
presence of both key cycles and secret shares, and then
prove the computational soundness [13][16] about formal
encryption in this setting.
1. First computational analysis of an industrial protocol:
Consider authentication[29] and secrecy
properties[26],
Analyzed Basic Kerberos 5 and public-key
Kerberos[22],
Kerberos is complex (e.g. PKINIT uses both
public-key and symmetric).
Cryptographic primitives (Encryption, Signatures,
MACs).
2. Proofs were carried out symbolically in the BPW
model:
Proofs in Dolev-Yao style model are
cryptographically sound,
Proofs can be automated.
Formal approach Computational
approach
Message Terms Bits-strings
Encryption Idealized Algorithm
Adversary Idealized Any polynomial
algorithm
Secrecy
property
Reach ability-based
property
Indistingability
Guarantees Unclear Strong
Proof Automatic By hand and error-
prone
Sanjay Kumar Sonkar et al ,Int.J.Computer Technology & Applications,Vol 3 (2), 525-531
528
ISSN:2229-6093
IV. Related Work
Early work on linking Dolev-Yao models and cryptography
only considered passive attacks, and therefore cannot make
general statements about protocols. A Cryptographic
justification for a Dolev-Yao model in the sense of under
active attacks and within arbitrary surrounding interactive
protocols [29][30].
Diminishing the distance between the computational and
logic treatment of Cryptography has been the subject of
many recent research efforts. The works which are more
closely related to our paper, which present a simple logic for
reasoning about the security protocols written in a language
similar to ours, but only for the case of passive adversaries.
Other approaches to bridging the logic and computational
models of cryptography have also been considered in the
literature, but they all seem considerably more complex. The
notions of probability, polynomial bounded computation,
and computational in distinguish ability are incorporated in
a process calculus, and security is defined in terms of
observational equivalence on processes.
Work is in progress regarding formulation of mathematical
model for syntactic approach dealing with probability and
polynomial-time [14] considerations and encoding them into
proof tools, in particular. This is equivalent to the work of
justifying Dolev-Yao models, which offer a higher level of
abstractions and thus much simpler proofs where applicable,
so that proofs of larger systems can be automated.
V. Conclusion
On the macroscopic view, we come across the various
security measures involved in security protocol proofs. This
paper properly deals with all the computational technique
which can overcome all the day by day new developments
in cryptographic field.
This paper reflects logical formal proofs of security
protocols into the computational model. The formal proofs
are easy with respect to computational model as we don’t
have to consider the probabilistic distribution and
asymptotic notations. The security properties are expressed
in terms simple logic based language using syntactic
expressions and are then interpreted in a computational
setup. Also these formal proof are sound as any active
adversaries can extract information from messages if the
statement hold true for any symbolic execution. Therefore,
we need such a framework for the interpretation of formal
proof into cryptographic system so as to develop more and
more secure communication systems.
VI. Future Work
1. Considering execution models in which we can extend
instances not of a single but of a set of protocols if they
are developed in future.
2. Developing a more general execution model involving
reactive clients.
3. Generalize our abstract definition of security notions to
capture secrecy properties.
4. Augmenting the BPW model with tailored protocol
logics to further simplify modular reasoning.
5. Understanding the relation of correctness proofs of
(commercial) protocols in MSR and in the BPW
model.
VII. References
[1] E. S. Cohen, “Information transmission in
computational systems,” ACM SIGOPS Operating
Systems Review, vol. 11, no. 5, pp. 133–139, 1977.
[2] J. McLean, “Security models and information
flow,” in Proc. IEEE Symp. on Security and
Privacy, May 1990, pp. 180–187.
[3] Focardi and R. Gorrieri, “A classification of
security properties for process algebras,” J.
Computer Security, vol. 3, no. 1, pp. 5–33, 1995.
[4] D. Song. An automatic checker for security
protocol analysis. In 12th IEEE Computer Security
Foundations Workshop, June 1999.
[5] D. Kozen, “Language-based security,” in Proc.
Mathematical Foundations of Computer Science.
Sept. 1999, vol. 1672 of LNCS, pp. 284– 298,
Springer-Verlag.
[6] Aldini, “Probabilistic information flow in process
algebra,” in Proc. CONCUR’01. Aug. 2001, vol.
2154 of LNCS, pp. 152–168, Springer-Verlag.
[7] Michele Boreale. Symbolic trace analysis of
cryptographic protocols. In 28th Colloquium on
Automata, Languages and Programming (ICALP),
LNCS. Springer, July 2001.
[8] M. Zanotti, “Security typings by abstract
interpretation,” in Proc.Symposium on Static
Analysis. Sept. 2002, vol. 2477 of LNCS, pp. 360–
375, Springer-Verlag.
[9] M. Backes and B. Pfitzmann. A cryptographically
sound security proof of the Needham-Schroeder-
Lowe public-key protocol. Available as Cryptology
ePrint Archive, Report 2003/121.
[10] M. Backes, B. Pfitzmann, and M. Waidner. A
universally composable cryptographic library.
Available as Cryptology ePrint Archive, Report
2003/015.
[11] M. Backes and B. Pfitzmann. Symmetric
Encryption in a simulatable Dolev-Yao style
cryptographic library. In Proceedings of the 17th
Computer Security Foundations Workshop, pages
204{218. IEEE Computer Society, June 2004.
[12] Iliano Cervesato, Aaron D. Jaggard, Andre
Scedrov, and Christopher Walstad. Specifying
Kerberos 5 Cross-Realm Authentication. In Proc.
WITS’05, pages 12–26. ACM Digital Lib., 2005.
[13] V`eronique Cortier and Bogdan Warinschi.
Computationally sound, automated proofs for
security protocols. In Proc. 14th European
Sanjay Kumar Sonkar et al ,Int.J.Computer Technology & Applications,Vol 3 (2), 525-531
529
ISSN:2229-6093
Symposium on Programming (ESOP), pages 157–
171, 2005.
[14] Anupam Datta, Ante Derek, John Mitchell, Vitalij
Shmatikov, and Matthieu Turuani. Probabilistic
polynomial-time semantics for protocol security
logic. In Proc. 32nd International Colloquium on
Automata, Languages and Programming (ICALP),
volume 3580 of Lecture Notes in Computer
Science, pages 16–29. Springer, 2005.
[15] Laud, P. Formal analysis of crypto protocols:
Secrecy types for a simulatable cryptographic
library. In Proc. ACM Conf. on Computer and
Communication Security (ACM CCS 2005)
(2005), ACM Press, pp. 26–35.
http://scialert.net/fulltext/?doi=itj.2011.1068.1091
&org=11
[16] C. He and J. C. Mitchell. Security Analysis and
Improvements for IEEE 802.11i. In Proceedings of
the 11th Annual Network and Distributed System
Security Symposium (NDSS ’05), February 2005.
[17] Ran Canetti and Jonathan Herzog. Universally
composable symbolic analysis of cryptographic
protocols (the case of encryption-based mutual
authentication and key exchange). In Proc. 3rd
Theory of Cryptography Conference (TCC), 2006.
[18] Iliano Cervesato, Aaron D. Jaggard, Andre
Scedrov, Joe-Kai Tsay, and Chris Walstad.
Breaking and fixing public-key Kerberos. In Proc.
WITS’06, pages 55–70, 2006.
[19] Anupam Datta, Ante Derek, John Mitchell, and
Bogdan Warinschi. Key exchange protocols:
Security definition, proof method, and applications.
In 19th IEEE Computer Security Foundations
Workshop (CSFW 19), Venice, Italy, 2006. IEEE
Press.
[20] Tsudik, G. YA-TRAP: Yet another trivial RFID
authentication protocol. In Proc. IEEE Intern. Conf.
on Pervasive Computing and Communications
(PerCom 2006) (2006), IEEE Press.
[21] Oren, Y., and Shamir, A. Power analysis of RFID
tags. Appeared in the rump session of Advances in
Cryptology, CRYPTO 2006. Available online at
http://www.wisdom.weizmann.ac.il/_yossio/rfid/,
Weizmann Institute, 2006.
[22] Burmester, M., van Le, T., and de Medeiros, B.
Provably secure ubiquitous systems: Universally
composable RFID authentication protocols. E-print
report 2006/131, International Association for
Cryptological Research, 2006.
[23] IETF. Public Key Cryptography for Initial
Authentication in Kerberos, 1996–2006. Sequence
of Internet drafts available from
http://tools.ietf.org/wg/krb-wg/draft-ietf-cat-
kerberos-pk-init/.
[24] F. Wang and Y. Zhang, “A new provably secure
authentication and key agreement mechanism for
SIP using certificateless public-key cryptography”,
Cryptology ePrint Archive, Report 2007/220, 2007.
[25] Tarjei K. Mandt and Chik How Tan,
“Certificateless authenticated two-party key
agreement protocol”, ASIAN 2006, LNCS 4435,
pp.37-44, 2007.
[26] Y. Sun, F. Zhang, and J. Baek, “Strongly Secure
Certificate less Public Key Encryption without
Pairing”, CANS 2007, LNCS 4856, pp.194-208,
2007.
[27] X. Liang, SH. Wang, J. Shen and G. Xu, “Breaking
and Repairing the Certificate less key agreement
protocol from ASIAN 2006”, Wuhan University
Journal of Natural Sciences,vol. 13, no. 5, pp. 562-
566, 2008.
[28] Dario Fiore and Rosario Gennaro, “Making the
Diffie-Hellman Protocol Identity-Based”,
http://eprint.iacr.org/2009/174,2009.
[29] Georg Lippold, Colin Boyd and Juan Gonzalez
Nieto, “Strongly Secure Certificate less Key
Agreement”, http://eprint.iacr.org/2009/219.
[30] Cas J.F. Cremers, “Formally and Practically
Relating the CK, CK-HMQV, and eCK Security
Models for Authenticated Key Exchange”,
http://eprint.iacr.org/2009/253.
Bibliographies:
Sanjay Kumar Sonkar was born at
Varanasi, (U.P.), in India. He received
the B. Tech degree in Computer Science
& Engineering in 2010 from Radha
Govind Engineering College, Meerut,
India. Presently, he is an M.Tech student
in Computer Science & Engineering from Kamla Nehru
Institute of Technology, Sultanpur, U.P., India.
Dharmendra Lal Gupta is currently
working as an Assistant Professor in the
Department of Computer Science &
Engineering at KNIT, Sultanpur (U.P.)
India. And he is also pursuing his Ph.D.
in Computer Science & Engineering
from Mewar University, Chittorgarh (Rajasthan). He
received B.Tech.(1999) from Kamla Nehru Institute of
Technology (KNIT) Sultanpur, in Computer Science &
Engineering, M.Tech. Hon’s (2003) in Digital Electronics
and Systems from Kamla Nehru Institute of Technology
(KNIT) Sultanpur. His research interests are Cryptography
and Network Security, Software Quality Engineering, and
Software Engineering.
Dr. Anil Kumar Malviya is an Associate
Professor in the Computer Science &
Engineeering. Department at Kamla
Nehru Institute of Technology, (KNIT),
Sultanpur. He received his B.Sc. &
M.Sc. both in Computer Science from
Banaras Hindu University, Varanasi respectively in 1991
and 1993 and Ph.D. degree in Computer Science from
Sanjay Kumar Sonkar et al ,Int.J.Computer Technology & Applications,Vol 3 (2), 525-531
530
ISSN:2229-6093
Dr. B.R. Ambedkar University; Agra in 2006.He is Life
Member of CSI, India. He has published about 31papers in
International/National Journals, conferences and seminars.
His research interests are Data mining, Software
Engineering, Cryptography & Network Security.
Ganesh Chandra was born at Kanpur,
India. He received the B. Tech. Degree
in Computer Science and Engineering in
2009 from Dr. Ambedkar Institute of
Technology for Handicapped, Kanpur,
India. He is currently pursuing M. Tech
in Computer Science and Engineering
from Kamla Nehru Institute of Technology, Sultanpur, U.P,
India.
Vinod Kumar Yadav was born in
Jaunpur, India. He received the B.Tech.
Degree in Computer Science and
Information Technology in 2008 from
I.E.T., M.J.P. Rohilkhand University
Bareilly, India. He is currently pursuing
M.Tech in Computer Science and
Engineering from Kamla Nehru Institute
of Technology, Sultanpur, U.P., India.
Sanjay Kumar Sonkar et al ,Int.J.Computer Technology & Applications,Vol 3 (2), 525-531
531
ISSN:2229-6093