Audio-based shared secret generation method title = {Audio-based shared secret generation method}, abstract = {<p><span style="color: rgb(14, 40, 65);">Audio-based shared secret generation method</span></p>}, address = {}, author = {Khandkar, Vinod Sarjerao}, doi = {10.15126/901789}, keywords = {Symmetric key generation;Constrained environment security;Audio RIR}, language = {eng}, pages = {5}, publisher = {University of Surrey}, booktitle = {UK Research Institute in Secure Hardware and Embedded Systems (RISE) 2025 Annual Conference}, number = {}, address = {Royal Academy of Engineering, London, UK}, year = {20250911–20250911}, . UK Research Institute in Secure Hardware and Embedded Systems (RISE) 2025 Annual Conference.

Khandkar, V.S., Hanawal, M.K.(2021). Challenges in Net Neutrality Violation Detection: A Case Study of Wehe Tool . 2021 International Conference on COMmunication Systems and NETworkS, COMSNETS 2021. p. 169-173.

Khandkar, V.S., Hanawal, M.K.(2020). Detection of Traffic Discrimination in the Internet . 2020 International Conference on COMmunication Systems and NETworkS, COMSNETS 2020. p. 677-679.

End-point authentication method using gyroscope-based shared secret for inter-smartphone direct communication title = {End-point authentication method using gyroscope-based shared secret for inter-smartphone direct communication}, abstract = {<p>The smartphone connectivity options, such as Bluetooth, generate the root of trust upon first connection or pairing. The subsequent connections use the initial root-of-trust without validation. These Trust-On-First-Usage or TOFU models are vulnerable to Man-in-the-Middle (MiTM) or impersonation attacks after pairing. Moreover, root-of-trust based on certificates or QR code-like mechanisms needs a third-party server, which may not be accessible for justifiable reasons. We propose an endpoint validation method that decouples the successive authentications from pairing by shifting the root of trust to a locally agreed shared secret between devices, e.g., via a sensor-based method. The legacy pairing provides the device discovery. Our method uses this shared secret as a Pre-Shared Key (PSK) to perform a Transport Layer Security (TLS) handshake in PSK-Only mode between intended devices. The TLS-PSK adds a minimal overhead (1 RTT) while delivering the superior benefits of the TLS protocol. We demonstrated the method on an Android smartphone over a Bluetooth connection. </p>}, address = {}, author = {Khandkar, Vinod Sarjerao}, keywords = {snoop resilient protocols;Bluetooth;Transport Layer Security}, language = {eng}, subject = {Cryptography}, booktitle = {Next Generation Networking, Multi-Service Networks workshop}, number = {}, address = {Abingdon, United Kingdom}, year = {20250703–20250704},. Next Generation Networking, Multi-Service Networks workshop.

Talk : FFT-assisted Secret Generation via Gyroscope Measurements on Smartphones title = {Talk : FFT-assisted Secret Generation via Gyroscope Measurements on Smartphones}, abstract = {<p>The disclosure of domestic abuse or help needed is challenging for victims due to factors such as intimidation and fear of being caught. Domestic abuse is especially pernicious as the abuser can be a powerful adversary who may have complete control over all technological means of communication within the premises. We have developed a novel sensor-based method to unobtrusively create a shared secret between the victim and the supportive friend without exchanging data over the network. The generated secret shows entropy similar to some methods used in OpenSSL.</p>}, address = {}, author = {Khandkar, Vinod Sarjerao and Sastry, Nishanth Ramakrishna and Toreini, Ehsan}, keywords = {secret generation}, language = {eng}, booktitle = {CyberMi2 Research Day}, number = {2nd}, address = {Birmingham, England}, year = {20240524},. CyberMi2 Research Day.

Extended TLS: Masking Server Host Identity on the Internet Using Encrypted TLS Handshake title = {Extended TLS: Masking Server Host Identity on the Internet Using Encrypted TLS Handshake}, abstract = {<p>The Internet is a common platform for sharing information. It is required to preserve every user’s privacy and security of information on the Internet. While data security is primarily taken care of by the TLS protocol and broader adaptation of HTTPS, FTPS, and SMPTS protocol, some fields of TLS expose the type of activity a user is performing, thus violating user privacy. One such protocol information is Server Name Indication (SNI) in the TLS ClinetHello message that goes in plaintext. Anyone intercepting the message thus identifies the service host type. We present a method named Extended TLS (ETLS) to mask the server host identity by encrypting the SNI without requiring any change in the existing protocols. In ETLS, a connection is established over two handshakes - the</p><p>first handshake establishes a secure channel without sharing SNI information, and the second handshake shares the encrypted SNI. ETLS requires no modification in the already proven TLS encryption mechanism and retains all security benefits of the existing secure channel establishment. We demonstrate the feasibility of ETLS over live Internet with scripts that implement our methodology. Using a customized client-server and a commercial traffic shaper, we also demonstrated that the host identity is not exposed under ETLS, thus demonstrating its</p><p>privacy-preserving property.</p>}, address = {}, author = {Khandkar, Vinod Sarjerao and Hanawal, Manjesh K.}, doi = {10.1109/SPCOM55316.2022.9840773}, isbn = {9781665482509}, issn = {2474-915X}, journal = {2022 International Conference on Signal Processing and Communications}, keywords = {snoop resilient protocols}, language = {eng}, pages = {5}, publisher = {IEEE}, series = {International Conference on Signal Processing and Communications SPCOM}, year = {2022}, . 2022 International Conference on Signal Processing and Communications.

Challenges in Net Neutrality Violation Detection: A Case Study of Wehe Tool title = {Challenges in Net Neutrality Violation Detection: A Case Study of Wehe Tool}, abstract = {The debate on "Net-neutrality" and events pointing towards its possible violations have led to the development of tools to detect deliberate traffic discrimination on the Internet. Given the complex nature of the Internet, neutrality violations are not easy to detect, and tools developed so far suffer from various limitations. In this paper, we study many challenges in developing a tool for detecting such violations. We take the validation as an application of our study of challenges in TD detection systems. As a case study, we focus on the Wehe tool and demonstrate the categorized analysis or validation of traffic differentiation detection tools. The Wehe tool is one of the most recent tools to detect neutrality violations. Despite the Wehe tool's vast utility and possible influences over policy decisions, its mechanisms are not yet fully validated by researchers other than original tool developers. Our validation uses the Wehe App, a clientserver setup mimicking the Wehe tool's end-to-end behavior and theoretical arguments. We validated the Wehe app for its methodology, traffic discrimination detection, and operational environments.}, author = {Khandkar, Vinod S. and Hanawal, Manjesh K.}, doi = {10.1109/COMSNETS51098.2021.9352826}, isbn = {9781728191270}, issn = {2155-2487}, journal = {2021 International Conference on COMmunication Systems & NETworkS (COMSNETS)}, keywords = {Internet;Net neutrality;Network neutrality;Tools;traffic differentiation;validation}, language = {eng}, pages = {5}, publisher = {IEEE}, year = {2021}, . 2021 International Conference on COMmunication Systems & NETworkS (COMSNETS).

Detection of Traffic Discrimination in the Internet title = {Detection of Traffic Discrimination in the Internet}, abstract = {The Internet provides a platform for various commercial activities, and it is essential to ensure that it remains a level playing field for all the players. Several countries have enacted laws such that the Internet remains neutral by prohibiting preferential treatment of traffic of one application or content over the other. However, to enforce such regulations, one needs to detect any violations. In this work, we demonstrate a method to identify non-neutral behavior by comparing the quality of service received by different applications 'when they experience similar transmission as well as network conditions.'}, author = {Khandkar, Vinod S. and Hanawal, Manjesh K.}, doi = {10.1109/comsnets48256.2020.9027434}, isbn = {1728131871}, issn = {2155-2487}, journal = {International Conference on Communication Systems and Networks (Online)}, keywords = {Computer Science;Computer Science, Hardware & Architecture;Computer Science, Theory & Methods;Science & Technology;Technology;Telecommunications}, language = {eng}, pages = {3}, publisher = {IEEE}, series = {International Conference on Communication Systems and Networks}, year = {2020}, . International Conference on Communication Systems and Networks (Online).

Vinod S. Khandkar and Manjesh K. Hanawal(2020). Detection of Traffic Discrimination in the Internet . 2020 International Conference on COMmunication Systems & NETworkS (COMSNETS). {IEEE}