I am pursuing my Doctoral studies in Cryptology at Indian Statistical Institute, Kolkata, with a focus on analysis, design and implementation of Stream Ciphers. I am currently employed as a Research Personnel at the Centre of Excellence in Cryptology at ISI Kolkata.
At present, I am a Doctoral student in Cryptology (started in Fall 2010) at Indian Statistical Institute Kolkata, and my advisor is Prof. Subhamoy Maitra. I obtained my Bachelors degree (B.E.Tel.E.) in Electronics and Telecommunication Engineering from Jadavpur University, India, in 2006, and my Masters degree (M.Math.) in Pure Mathematics from University of Waterloo, Canada, in 2008. I spent a year as a Graduate student in Mathematics at University of Washington, Seattle, USA, before joining ISI Kolkata.
My Doctoral Thesis in Cryptology is focused towards my current direction of research - Analysis, Design and Implementation of RC4-like stream ciphers. Apart from this, I am also interested in the analysis of RSA and Factorization problems related to Cryptology, and general problems in Number Theory.
I am currently a part of the Cryptology Research Group of ISI Kolkata, a life-member of Cryptology Research Society of India, and a Research Personnel at the Centre of Excellence in Cryptology of ISI Kolkata.
The following are publications in Cryptology that are related to my Doctoral thesis. Some other publications are listed here and all publications in Cryptology and related fields are available at my DBLP page.
- (Non-)Random Sequences from (Non-)Random Permutations - Analysis of RC4 stream cipher
[▾ abstract] [full text] J. of Cryptology (2012) - S. Sen Gupta, S. Maitra, G. Paul and S. Sarkar
RC4 has been the most popular stream cipher in the history of symmetric key cryptography. Its internal state contains a permutation over all possible bytes from 0 to 255, and it attempts to generate a pseudo-random sequence of bytes (called keystream) by extracting elements of this permutation. Over the last twenty years, numerous cryptanalytic results on RC4 stream cipher have been published, many of which are based on non-random (biased) events involving the secret key, the state variables, and the keystream of the cipher.
Though biases based on the secret key are common in RC4 literature, none of the existing ones depends on the length of the secret key. In the first part of this paper, we investigate the effect of RC4 keylength on its keystream, and report significant biases involving the length of the secret key. In the process, we prove the two known empirical biases that were experimentally reported and used in recent attacks against WEP and WPA by Sepehrdad, Vaudenay and Vuagnoux in EUROCRYPT 2011. After our current work, there remains no bias in the literature of WEP and WPA attacks without a proof.
In the second part of the paper, we present theoretical proofs of some significant initial-round empirical biases observed by Sepehrdad, Vaudenay and Vuagnoux in SAC 2010.
In the third part, we present the derivation of the complete probability distribution of the first byte of RC4 keystream, a problem left open for a decade since the observation by Mironov in CRYPTO 2002. Further, the existence of positive biases towards zero for all the initial bytes 3 to 255 is proved and exploited towards a generalized broadcast attack on RC4. We also investigate for long-term non-randomness in the keystream, and prove a new long-term bias of RC4.
- High Performance Hardware Implementation for RC4 Stream Cipher
[▾ abstract] [full text] IEEE-TC (2012) - S. Sen Gupta, A. Chattopadhyay, K. Sinha, S. Maitra and B.P. Sinha
RC4 is the most popular stream cipher in the domain of cryptology. In this paper, we present a systematic study of the hardware implementation of RC4, and propose the fastest known architecture for the cipher. We combine the ideas of hardware pipeline and loop unrolling to design an architecture that produces 2 RC4 keystream bytes per clock cycle. We have optimized and implemented our proposed design using VHDL description, synthesized with 130 nm, 90 nm and 65 nm fabrication technologies at clock frequencies 625 MHz, 1.37 GHz and 1.92 GHz respectively, to obtain a final RC4 keystream throughput of 10 Gbps, 21.92 Gbps and 30.72 Gbps in the respective technologies.
- Proof of Empirical RC4 Biases and New Key Correlations
[▾ abstract] [full text] SAC 2011 - S. Sen Gupta, S. Maitra, G. Paul and S. Sarkar
In SAC 2010, Sepehrdad, Vaudenay and Vuagnoux have reported some empirical biases between the secret key, the internal state variables and the keystream bytes of RC4, by searching over a space of all linear correlations between the quantities involved. In this paper, for the first time, we give theoretical proofs for all such significant empirical biases. Our analysis not only builds a framework to justify the origin of these biases, it also brings out several new conditional biases of high order. We establish that certain conditional biases reported earlier are correlated with a third event with much higher probability. This gives rise to the discovery of new keylength-dependent biases of RC4, some as high as $50/N$, where $N$ is the size of the RC4 permutation. The new biases in turn result in successful keylength prediction from the initial keystream bytes of the cipher.
- Attack on Broadcast RC4 Revisited
[▾ abstract] [full text] FSE 2011 - S. Maitra, G. Paul and S. Sen Gupta
In this paper, contrary to the claim of Mantin and Shamir (FSE 2001), we prove that there exist biases in the initial bytes (3 to 255) of the RC4 keystream towards zero. These biases immediately provide distinguishers for RC4. Additionally, the attack on broadcast RC4 to recover the second byte of the plaintext can be extended to recover the bytes 3 to 255 of the plaintext given $\Omega(N^3)$ many ciphertexts. Further, we also study the non-randomness of index $j$ for the first two rounds of PRGA, and identify a strong bias of $j_2$ towards 4. This in turn provides us with certain state information from the second keystream byte.
- One Byte per Clock: A Novel RC4 Hardware
[▾ abstract] [full text] Indocrypt 2010 - S. Sen Gupta, K. Sinha, S. Maitra and B.P. Sinha.
RC4, the widely used stream cipher, is well known for its simplicity and ease of implementation in software. In case of a special purpose hardware designed for RC4, the best known implementation till date is 1 byte per 3 clock cycles. In this paper, we take a fresh look at the hardware implementation of RC4 and propose a novel architecture which generates 1 keystream byte per clock cycle. Our strategy considers generation of two consecutive keystream bytes by unwrapping the RC4 cycles. The same architecture is customized to perform the key scheduling algorithm at a rate of 1 round per clock.
Reviewer/Sub-reviewer of refereed international journals like IEEE Transactions on Computers, Cryptography and Communications (CCDS) etc., and refereed international conferences like EUROCRYPT, FSE, SAC, INDOCRYPT, Africacrypt, ISPEC, ProvSec, IEEE Indicon etc.
Organizer/Co-ordinator of Indocrypt 2012 and several workshops and training programs in Cryptology and allied disciplines, hosted by CoEC, Indian Statistical Institute, Kolkata, since 2011.
Co-organizer of various workshops and training programs in Free and Open Source Software, including
- FOSS and Google Summer of Code at Jadavpur University, Kolkata, 2012
- Document Freedom Day 2012 at Indian Statistical Institute, Kolkata, 2012
- Software Freedom Day 2011 at Indian Statistical Institute, Kolkata, 2011
- Sage Days 25 at Indian Institute of Technology, Bombay, 2010
Teaching is my main motivation towards academics. I have taught several Undergraduate Mathematics course at University of Waterloo and University of Washington, both in the capacity of a Teaching Assistant and an Instructor. During my Doctoral studies at ISI Kolkata, it has been a pleasure to deliver a number of tutorial and expository talks on various aspects of Cryptology and related areas at short-term courses and workshops.
Delivered over 40 invited and instructional talks in Cryptology, Mathematics and allied disciplines at various prominent venues, excluding paper presentations at Conferences/Workshops. The following is a selection.
- Cryptology in Practice
[slides ] Tutorial Workshop in Cryptology, ISI Kolkata, 2013
- Application of Statistics in Cryptology
[slides ] North-East Workshop, ISI Kolkata, 2012
- The Crypto Cocktail – Math, CS and Engineering
[slides ] Analytica, St. Xavier’s College, Kolkata, 2012
- Problems with Key Generation and Usage
[slides ] Workshop on Cryptology, BARC Mumbai, 2012
- Stream Ciphers and RC4
[slides ] NEHU Workshop on Cryptology, ISI Kolkata, 2012
- Public Key Cryptography
[slides ] Instructional Workshop in Cryptology, SMU Jaipur, 2012
- A gentle introduction to Public Key Cryptography
[slides ] Tutorial Workshop in Cryptology, Chennai Mathematical Institute, 2012
- An overview of Cold-Boot Attack related to RSA and Factorization
[slides ] Indo-US Workshop, ISI Kolkata, 2012
- Research Methodology in Cryptography and Information Security
[slides ] ICISS 2011, Jadavpur University, Kolkata, 2011
- Introduction to Linear and Differential Cryptanalysis
[slides ] Block Cipher Meet, BARC Mumbai, 2011
- Cryptographic Hardware Implementation Issues
[slides ] JU-ISI Tutorial Workshop, Jadavpur University, Kolkata, 2011
- Introduction to SOSEMANUK - the eStream finalist
[slides ] eSTREAM Workshop, ISI Delhi, 2011
- RSA Cryptosystem and its Cryptanalysis
[slides ] WBSU-ISI Tutorial Workshop, West Bengal State University, 2011
- Recent trend in RSA Cryptanalysis
[slides ] National Workshop on Cryptology 2010, Coimbatore, India
- Cryptography in Sage
[slides ] Sage Days 25 - 2010, IIT Bombay, Mumbai, India
International Association for Cryptologic Research [2012-13]
Cryptology Research Society of India [Life Member]
American Mathematical Society [2006-07, 2008-09]
I have had a bounty of hobbies and leisurely activities over the course of time - sketching, magic, shayaari, recitation, karate, cooking, and many more. At present, I am interested in photography, web development, and free and open-source software movement. I am also an avid reader, and I love listening to technical and non-technical lectures from various sources (TED talks are my personal favorites).
Sourav Sen Gupta
Centre of Excellence in Cryptology
4th Floor, R.A. Fisher Bhavan, Indian Statistical Institute
203 Barrackpore Trunk Road, Kolkata - 700108, West Bengal, India.