Lalit Agarwal


Designing new lock schemes for re-authenticating smartphone users (Master's thesis)


Mentor: Prof. Urs Hengartner, University of Waterloo, Canada

I am currently working on designing new re-authentication mechanisms for smartphone users. I working on developing an Android lock-library for app-level pattern/pin lock interfaces with varying transparencies.

Presentation | Thesis | Poster | Lock Library

Developing a selective ad-blocking tool (Bachelor's thesis)


Mentor: Dr. Saurabh Panjwani, Bell Labs Research, India

The intern-ship involved understanding and developing tools to address the concerns of web users in India towards on-line advertising. It involved investigating through a user study the perception of on-line ads among the web users in India. The final step was to build a browser plugin which blocks only certain inappropriate ads in contrast to blocking all ads.

Project Presentation | Project Report

Analysis of a practical key-recovery attack against APOP


Mentor: Prof. Anish Mathuria, DA-IICT, India

The research work involved understanding and analyzing a password recovery attack against APOP (Authenticated Post office protocol) which was proposed by Gaeten Leurent in the paper “Practical key recovery attack against APOP, an MD5 based challenge-response authentication”. As part of the internship, I understood the working of MD-5, the Wang’s attack and the conditions needed for such an attack to occur. With the help of the initial understanding of these concepts, I further examined how collisions in hash functions can be used to recover part of the password in APOP.

Project Presentation | Project Report

MILLEE (Mobile and Immersive Learning for literacy in Emerging Economies)


Mentor: Prof. Matthew Kam, CMU, USA (May, 10 –Dec, 10)

The main aim of the project was to design immersive, enjoyable, language learning games on cellphones, modeled after the traditional village games that rural children find familiar in order to educate them. My role in the team was to play-test the games and conduct alpha and beta tests to find out any potential bugs and design flaws and report them in form of a formal report so that they can be fixed. Also I was involved in managing the content required for the games including the voiceovers, XMLs’ etc.

Project Website





“Ask me again but don’t annoy me: Evaluating re-authentication strategies for smartphones”, ACM Symposium on Usable Privacy and Security (SOUPS), 2016 Lalit Agarwal, Hassan Khan, Urs Hengartner, University of Waterloo, Canada

“Do Not Embarrass: Re-Examining User Concerns for On-line Tracking and Advertising”, ACM Symposium on Usable Privacy and Security (SOUPS), 2013 Lalit Agarwal, Nisheeth Shrivastava, Sharad Jaiswal, Saurabh Panjwani, Bell Labs Research, Bangalore, India