CR Apr 11, 2018
How vulnerable are the Indian banks: A cryptographers' view
Anirban Pathak, Rishi Dutt Sharma, Dhananjoy Dey
With the advent of e-commerce and online banking, it has become extremely important that the websites of financial institutes (especially banks) implement up-to-date cyber security measures (in accordance with the recommendations of the regulatory authority) and thus circumvent the possibility of financial fraud that may occur due to vulnerabilities of the website. Here, we systematically investigate whether Indian banks are following the above requirement. To perform the investigation, the recommendations of the Reserve Bank of India (RBI), the National Institute of Standards and Technology (NIST), the European Union Agency for Network and Information Security (ENISA) and the Internet Engineering Task Force (IETF) are considered as the benchmarks. Further, the validity and quality of the security certificates of various Indian banks have been tested with the help of a set of tools (e.g., SSL Certificate Checker provided by Digicert and SSL server test provided by SSL Labs). The analysis performed by using these tools and a comparison with the benchmarks have revealed that the security measures taken by a set of Indian banks are not up-to-date and are vulnerable to some known attacks.
QUANT-PH Dec 28, 2016
Quantum sealed-bid auction using a modified scheme for multiparty circular quantum key agreement
Rishi Dutt Sharma, Kishore Thapliyal, Anirban Pathak
A feasible, secure and collusion-attack-free quantum sealed-bid auction protocol is proposed using a modified scheme for multi-party circular quantum key agreement. In the proposed protocol, the set of all ($n$) bidders is grouped into $l$ subsets (sub-circles) in such a way that only the initiator (who prepares the quantum state to be distributed for a particular round of communication and acts as the receiver in that round) is a member of all the subsets (sub-circles) prepared for a particular round, while any other bidder is part of only a single subset. All $n$ bidders and the auctioneer initiate one round of communication, and each of them prepares $l$ copies of a $\left(r-1\right)$-partite entangled state (one for each sub-circle), where $r=\frac{n}{l}+1$. The efficiency and security of the proposed protocol are critically analyzed. It is shown that the proposed protocol is free from the collusion attacks that are possible on the existing schemes of quantum sealed-bid auction. Further, it is observed that the security against collusion attack increases with the increase in $l$, but that reduces the complexity (number of entangled qubits in each entangled state) of the entangled states to be used and that makes the scheme scalable and implementable with the available technologies. The additional security and scalability are shown to arise due to the use of a circular structure in place of a complete-graph or tree-type structure used earlier.