Researcher profile

Sushmita Ruj

Sushmita Ruj contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate

Cryptography and Security Networking and Internet Architecture Data Structures and Algorithms Discrete Mathematics Distributed, Parallel, and Cluster Computing Machine Learning Social and Information Networks

Trust snapshot

Quick read

Trust 21 - EmergingVerification L1Unclaimed author

9works

0followers

7topics

4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

preprint2026arXiv

A Systematic Security Analysis for Path-based Traceability Systems in RFID-Enabled Supply Chains

Traceability systems have become prevalent in supply chains because of the rapid development of RFID and IoT technologies. These systems facilitate product recall and mitigate problems such as counterfeiting, tampering, and theft by tracking the manufacturing and distribution life-cycle of a product. Therefore, traceability systems are a defense mechanism against supply chain attacks and, consequently, have become a target for attackers to circumvent. For example, a counterfeiter may change the trace of a fake product for the trace of an authentic product, fooling the system into accepting a counterfeit product as legit and thereby giving a false sense of security. This systematic analysis starts with the observation that security requirements in existing traceability solutions are often unstructured or incomplete, leaving critical vulnerabilities unaddressed. We synthesized the properties of current state-of-the-art traceability solutions within a single security framework that allows us to analyze and compare their security claims. Using this framework, we objectively compared the security of $17$ traceability solutions and identified several weaknesses and vulnerabilities. This article reports on these flaws, the methodology we used to identify them, and the first security evaluation of traceability solutions on a large scale.

preprint2022arXiv

Cascading Failures in Smart Grids under Random, Targeted and Adaptive Attacks

We study cascading failures in smart grids, where an attacker selectively compromises the nodes with probabilities proportional to their degrees, betweenness, or clustering coefficient. This implies that nodes with high degrees, betweenness, or clustering coefficients are attacked with higher probability. We mathematically and experimentally analyze the sizes of the giant components of the networks under different types of targeted attacks, and compare the results with the corresponding sizes under random attacks. We show that networks disintegrate faster for targeted attacks compared to random attacks. A targeted attack on a small fraction of high degree nodes disintegrates one or both of the networks, whereas both the networks contain giant components for random attack on the same fraction of nodes. An important observation is that an attacker has an advantage if it compromises nodes based on their betweenness, rather than based on degree or clustering coefficient. We next study adaptive attacks, where an attacker compromises nodes in rounds. Here, some nodes are compromised in each round based on their degree, betweenness or clustering coefficients, instead of compromising all nodes together. In this case, the degree, betweenness, or clustering coefficient is calculated before the start of each round, instead of at the beginning. We show experimentally that an adversary has an advantage in this adaptive approach, compared to compromising the same number of nodes all at once.

preprint2022arXiv

CryptoMaze: Privacy-Preserving Splitting of Off-Chain Payments

Payment protocols developed to realize off-chain transactions in Payment channel network (PCN) assumes the underlying routing algorithm transfers the payment via a single path. However, a path may not have sufficient capacity to route a transaction. It is inevitable to split the payment across multiple paths. If we run independent instances of the protocol on each path, the execution may fail in some of the paths, leading to partial transfer of funds. A payer has to reattempt the entire process for the residual amount. We propose a secure and privacy-preserving payment protocol, CryptoMaze. Instead of independent paths, the funds are transferred from sender to receiver across several payment channels responsible for routing, in a breadth-first fashion. Payments are resolved faster at reduced setup cost, compared to existing state-of-the-art. Correlation among the partial payments is captured, guaranteeing atomicity. Further, two party ECDSA signature is used for establishing scriptless locks among parties involved in the payment. It reduces space overhead by leveraging on core Bitcoin scripts. We provide a formal model in the Universal Composability framework and state the privacy goals achieved by CryptoMaze. We compare the performance of our protocol with the existing single path based payment protocol, Multi-hop HTLC, applied iteratively on one path at a time on several instances. It is observed that CryptoMaze requires less communication overhead and low execution time, demonstrating efficiency and scalability.

preprint2020arXiv

A Secure Fog Based Architecture for Industrial Internet of Things and Industry 4.0

The advent of Industrial IoT (IIoT) along with Cloud computing has brought a huge paradigm shift in manufacturing industries resulting in yet another industrial revolution, Industry 4.0. Huge amounts of delay-sensitive data of diverse nature are being generated which needs to be locally processed and secured due to its sensitivity. But, the low-end IoT devices are unable to handle huge computational overheads. Also, the semi-trusted nature of Cloud introduces several security concerns. To address these issues, this work proposes a secure Fog-based IIoT architecture by suitably plugging a number of security features into it and by offloading some of the tasks judiciously to fog nodes. These features secure the system alongside reducing the trust and burden on the cloud and resource-constrained devices respectively. We validate our proposed architecture through both theoretical overhead analysis and practical experimentation including simulation study and testbed implementation.

preprint2020arXiv

A Survey of COVID-19 Contact Tracing Apps

The recent outbreak of COVID-19 has taken the world by surprise, forcing lockdowns and straining public health care systems. COVID-19 is known to be a highly infectious virus, and infected individuals do not initially exhibit symptoms, while some remain asymptomatic. Thus, a non-negligible fraction of the population can, at any given time, be a hidden source of transmissions. In response, many governments have shown great interest in smartphone contact tracing apps that help automate the difficult task of tracing all recent contacts of newly identified infected individuals. However, tracing apps have generated much discussion around their key attributes, including system architecture, data management, privacy, security, proximity estimation, and attack vulnerability. In this article, we provide the first comprehensive review of these much-discussed tracing app attributes. We also present an overview of many proposed tracing app examples, some of which have been deployed countrywide, and discuss the concerns users have reported regarding their usage. We close by outlining potential research directions for next-generation app design, which would facilitate improved tracing and security performance, as well as wide adoption by the population at large.

preprint2020arXiv

A Technical Look At The Indian Personal Data Protection Bill

The Indian Personal Data Protection Bill 2019 provides a legal framework for protecting personal data. It is modeled after the European Union's General Data Protection Regulation(GDPR). We present a detailed description of the Bill, the differences with GDPR, the challenges and limitations in implementing it. We look at the technical aspects of the bill and suggest ways to address the different clauses of the bill. We mostly explore cryptographic solutions for implementing the bill. There are two broad outcomes of this study. Firstly, we show that better technical understanding of privacy is important to clearly define the clauses of the bill. Secondly, we also show how technical and legal solutions can be used together to enforce the bill.

preprint2020arXiv

HushRelay: A Privacy-Preserving, Efficient, and Scalable Routing Algorithm for Off-Chain Payments

Payment channel networks (PCN) are used in cryptocurrencies to enhance the performance and scalability of off-chain transactions. Except for opening and closing of a payment channel, no other transaction requests accepted by a PCN are recorded in the Blockchain. Only the parties which have opened the channel will know the exact amount of fund left at a given instant. In real scenarios, there might not exist a single path which can enable transfer of high value payments. For such cases, splitting up the transaction value across multiple paths is a better approach. While there exists several approaches which route transactions via several paths, such techniques are quite inefficient, as the decision on the number of splits must be taken at the initial phase of the routing algorithm (e.g., SpeedyMurmur [42]). Algorithms which do not consider the residual capacity of each channel in the network are susceptible to failure. Other approaches leak sensitive information, and are quite computationally expensive [28]. To the best of our knowledge, our proposed scheme HushRelay is an efficient privacy preserving routing algorithm, taking into account the funds left in each channel, while splitting the transaction value across several paths. Comparing the performance of our algorithm with existing routing schemes on real instances (e.g., Ripple Network), we observed that HushRelay attains a success ratio of 1, with an execution time of 2.4 sec. However, SpeedyMurmur [42] attains a success ratio of 0.98 and takes 4.74 sec when the number of landmarks is 6. On testing our proposed routing algorithm on the Lightning Network, a success ratio of 0.99 is observed, having an execution time of 0.15 sec, which is 12 times smaller than the time taken by SpeedyMurmur.

preprint2020arXiv

Secure Cloud Storage Protocols with Data Dynamics Using Secure Network Coding Techniques

In the age of cloud computing, cloud users with limited storage can outsource their data to remote servers. These servers, in lieu of monetary benefits, offer retrievability of their clients' data at any point of time. Secure cloud storage protocols enable a client to check integrity of outsourced data. In this work, we explore the possibility of constructing a secure cloud storage for dynamic data by leveraging the algorithms involved in secure network coding. We show that some of the secure network coding schemes can be used to construct efficient secure cloud storage protocols for dynamic data, and we construct such a protocol (DSCS I) based on a secure network coding protocol. To the best of our knowledge, DSCS I is the first secure cloud storage protocol for dynamic data constructed using secure network coding techniques which is secure in the standard model. Although generic dynamic data support arbitrary insertions, deletions and modifications, append-only data find numerous applications in the real world. We construct another secure cloud storage protocol (DSCS II) specific to append-only data -- that overcomes some limitations of DSCS I. Finally, we provide prototype implementations for DSCS I and DSCS II in order to evaluate their performance.

preprint2020arXiv

Verifiable and Auditable Digital Interchange Framework

We address the problem of fairness and transparency in online marketplaces selling digital content, where all parties are not actively participating in the trade. We present the design, implementation and evaluation of VADER, a highly scalable solution for multi-party fair digital exchange that combines the trusted execution of blockchains with intelligent protocol design and incentivization schemes. We prototype VADER on Hyperledger Fabric and extensively evaluate our system on a realistic testbed spanning five public cloud datacenters, spread across four continents. Our results demonstrate that VADER adds only minimal overhead of 16% in median case compared to a baseline solution, while significantly outperforming a naive blockchain based solution that adds an overhead of 764%.

Sushmita Ruj

Quick read

Decide how to stay connected

How to connect with this researcher

Open a focused conversation when the fit is right

See the researcher in context

Building this graph slice

9 published item(s)

A Systematic Security Analysis for Path-based Traceability Systems in RFID-Enabled Supply Chains

Cascading Failures in Smart Grids under Random, Targeted and Adaptive Attacks

CryptoMaze: Privacy-Preserving Splitting of Off-Chain Payments

A Secure Fog Based Architecture for Industrial Internet of Things and Industry 4.0

A Survey of COVID-19 Contact Tracing Apps

A Technical Look At The Indian Personal Data Protection Bill

HushRelay: A Privacy-Preserving, Efficient, and Scalable Routing Algorithm for Off-Chain Payments

Secure Cloud Storage Protocols with Data Dynamics Using Secure Network Coding Techniques

Verifiable and Auditable Digital Interchange Framework