Кафедри
Постійне посилання на розділhttps://repository.kpi.kharkov.ua/handle/KhPI-Press/35393
Переглянути
27 результатів
Результати пошуку
Документ The development of the method of multifactor authentication based on hybrid cryptocode constructions on defective codes(2017) Yevseiev, S. P.; Kots, Hryhorii; Minukhin, Sergii; Korol, O. G.; Kholodkova, AnnaThe proposed security mechanisms in hybrid-crypto-code systems, based on Niederreiter and McEliece modified asymmetric crypto-code systems on flawed codes allow further use of the methods of strict two-factor authentication on OTP passwords (OTP based 2FA). To ensure the required security and efficiency in the multi-factor authentication protocol, the McEliece and Niederreiter modified asymmetric crypto-code systems, allowing integrated reliability provision in information transmission on the basis of error-correction coding on elliptic codes are used. The use of the MV2 algorithm ensures an increase in the total entropy of the key and the physical separation of the transmission of the authenticator parts by various mobile/Internet communication channels based on multi-channel cryptography systems on flawed codes. The proposed mathematical models and algorithms for the practical implementation of the Niederreiter and McEliece HCCSFC make it possible to significantly reduce the energy capacity of group operations by reducing the power of the Galois field to GF 24–26 by additional transformations based on the MV2 algorithm, ensuring the required cryptographic strength.Документ Construction of hybrid security systems based on the crypto-code structures and flawed codes(ПП "Технологічний Центр", 2017) Yevseiev, S. P.; Korol, O. G.; Kots, HryhoriiIn order to ensure safety of SCCI, it is proposed to use hybrid crypto-code constructions based on the modified asymmetric crypto-code McEliece systems on flawed codes, which make it possible to obtain maximum quantity of emergent properties at minimal resource cost for initiating in the system the synergistic effect of security provision. The main difference from known approaches to the construction of hybrid cryptosystems is the use of MCCS instead of symmetric cryptosystems; to strengthen resistance and to "reduce" the alphabet power (dimensionality of field GF(26–28) to build the McEliece MCCS), the systems on flawed codes are employed. The algorithms proposed in present work for the formation and decryption of a cryptogram in the hybrid cryptosystem based on MCCS on flawed codes make it possible to practically implement HCCSFC. The study that we conducted into energy consumption of major operations in the hybrid cryptosystems and their stability on the basis of the proposed assessment procedure confirms efficiency of their application in order to provide basic requirements to service quality in IES.Документ Developing of multi-factor authentication method based on Niederreiter-McEliece modified crypto-code system(ПП "Технологічний Центр", 2016) Yevseiev, S. P.; Kots, Hryhorii; Liekariev, YehorTwo-factor authentication methods to date, are considered by experts as authenticators resistance amplification mechanisms, while ensuring the authenticity services in various fields of high technology, financial and insurance sectors of the market, large banking institutions and public sector enterprises. Thus, authenticators based on OTP passwords and various types of tokens are typically used in the ABS. The suggested synergistic threat assessment approach revealed that attackers use a comprehensive approach to the implementation of threats, based on a combination of social engineering techniques with traditional methods, of disguise and infiltration. New types of cyber-attacks are also used to effectively embed malware on mobile communication devices, which in turn leads to a decrease in the profitability of the two-factor authentication methods based on SMS messages and OTP passwords in ABS. The proposed safety mechanisms based on modified crypto code Niederreiter and Mc-Eliece systems allow to ensure reliability (based on the use of elliptical error-correcting codes) and safety (proposed cryptosystem are secret models of provable resistance) of data transmitted. Their usage in the multi-factor authentication protocol ensures the security of the physical separation of transmission of the parts of authenticator of banking transactions through mobile lines (using the Niederreiter MCCS) and ABS (using the McEliece MCCS). The proposed mathematical model and algorithms of practical implementation of the Niederreiter MCCS allow, based on the error vector symbol shortening, to reduce the energy capacity of the group operations, reduce the power of the Galois field to GF 2⁶–2⁷, providing the required cryptographic resistance.Документ Development of McEliece modified asymmetric crypto-code system on elliptic truncated codes(ПП "Технологічний Центр", 2016) Yevseiev, S. P.; Rzayev, Kh.; Korol, O. G.; Imanova, Z.Symmetric and asymmetric cryptographic algorithms, providing the required level of cryptographic strength are generally used to ensure security in modern communication systems, and error-correcting coding techniques - to ensure reliability. The use of asymmetric crypto-code systems enables integrated (with one mechanism) provision of the required levels of reliability, security and efficiency in the processing and transmission of confidential information via open channels of telecommunication systems. The research confirms that their usage provides high performance on the level of symmetric encryption algorithms with BSSH, provable cryptographic strength based on theoretical and complexity problems in arbitrary code decoding (1030 – 1035 group operations are provided), and reliability through the use of a shortened algebra-geometric code (Рош10-9 – 10-12 is provided). A major disadvantage of the use of the McEliece cryptographic system are large amounts of critical data (to provide the required cryptographic strength it is necessary to build a system in the GF (210 – 213). In order to reduce the volume of key data (public key), we propose to use shortened codes, that enables to reduce the GF(26 –28), while maintaining a cryptographic strength level, by introducing the character location entropy at initialization vector.Документ The synergetic approach for providing bank information security: the problem formulation(Національний авіаційний університет, 2016) Hryshchuk, Ruslan; Yevseiev, S. P.Continuously increasing number of threats to the security of bank information in automated banking systems (ABS) leads to a decrease in the quality of banking services provided by banks at the national and international level, regardless of their form of ownership. This situation is not least caused by the imperfection in used today mechanisms for providing bank information security. The technological complexity of new unknown threats identification, as well as the increasing sophistication in the methods of their implementation leads to the pressing need of radical revision of the existing approaches for providing security. Existing approaches are known mainly as oriented to the aggregation of forces and means of providing the security of bank information, which often leads to incomplete overlapping spectrum of threats and irrational use of resources allocated for the security. Thus, it becomes clear that the development of a fundamentally new approach to provide security of bank information is a prerequisite for the provision of high quality banking services, which this article is devoted. With this purpose, the article proposed the synergetic model of bank information security threats, which is first time since the system has allowed revealing the positions of the current state of the research problem. It is shown and proved that at the present stage of science and technology development, bank information security should be based on a fundamentally new approach, which is proposed to be called synergetic. Its implementation will provide a synergetic effect on the interaction of selected safety profiles and, consequently, demonstrate qualitatively new and previously unknown emergent properties of security system. As part of the proposed approach, the problem of increasing the level of bank information security is formalized in a general way and identified further ways of solving it. It is shown that the absence of such decisions in a bank information systems determines the relevance of the chosen for research theme and its scientific priority.Документ Methodology for Building A Security System for Banking Information Resources(Karabük University Publishing, Turkey, 2019) Yevseiev, S. P.Документ Improved umac algorithm with crypto-code mceliece's scheme(Premier Publishing s.r.o., Austria, 2020) Yevseiev, S. P.; Havrylova, AllaThe article discusses the mathematical model of the mini-version of the UMAC hashing algorithm, using various cryptoalgorithms as a pseudo-random substrate when generating key data, presents the results of studies of the considered mini-versions. A new approach is proposed to ensure the cryptographic stability of this hashing algorithm based on Mac-Elis crypto-code constructions on modified elliptic codes. This approach will provide the required level of cryptographic security in post-quantum cryptography.Документ The concept of building security of the network with elements of the semiotic approach(Технологічний Центр, 2023) Yevseiev, S. P.; Tolkachov, Maksym; Shetty, Darshan; Khvostenko, Vladyslav; Strelnikova, Anna; Milevskyi, Stanislav; Golovashych, SergiiThe main scientific results: the concept of a structured protection system with the Zero Trust Security approach has been developed. The structure of the semiotic analysis of the segmentation of the transmitted load on the blocks is proposed. Blocks by signs are subjected to individual analysis. According to the features, the blocks are transformed by the selected representation into an object/groups of objects. Groups for transmission in the load are tagged, have different coding severity (depth), depending on the risk assessment. Groups are transmitted through the network in different ways (paths) – VPN (different ESP), unencrypted tunnel, open access, etc. This solution improves the throughput of malicious load analysis prior to transmission. The performance overhead for encoding/decoding the load and encapsulating/de-encapsulating during transmission is reduced. The transmission bandwidth is increased.Документ Development of crypto-code constructs based on LDPC codes(ПП "Технологічний Центр", 2022) Pohasii, Serhii; Yevseiev, S. P.; Milov, Oleksandr; Kovalenko, Oleksandr; Kostiak, Maryna; Volkov, Andrii; Lezik, Aleksandr; Susukailo, VitaliiThe results of developing post-quantum algorithms of McEliece and Niederreiter crypto-code constructs based on LDPC (Low-Density Parity-Check) codes are presented. With the rapid growth of computing capabilities of mobile technologies and the creation of wireless mesh and sensor networks, Internet of Things technologies, and smart technologies on their basis, information security is becoming an urgent problem. At the same time, there is a need to consider security in two circuits, internal (directly within the network infrastructure) and external (cloud technologies). In such conditions, it is necessary to integrate threats to both the internal and external security circuits. This allows you to take into account not only the hybridity and synergy of modern targeted threats, but also the level of significance (degree of secrecy) of information flows and information circulating in both the internal and external security circuits. The concept of building security based on two circuits is proposed. To ensure the security of wireless mobile channels, it is proposed to use McEliece and Niederreiter crypto-code constructs based on LDPC codes, which allows integration into the credibility technology of IEEE 802.15.4, IEEE 802.16 standards. This approach provides the required level of security services (confidentiality, integrity, authenticity) in a full-scale quantum computer. Practical security technologies based on the proposed crypto-code constructs, online IP telephony and the Smart Home system based on the use of an internal server are considered.Документ Development of a method for assessing the security of cyber-physical systems based on the Lotka-Volterra model(ПП "Технологічний Центр", 2021) Yevseiev, S. P.; Pohasii, Serhii ; Milevskyi, Stanislav ; Milov, Oleksandr ; Melenti, Y.; Grod, I.; Berestov, D.; Fedorenko, R.; Kurchenko, O.The paper presents the results of the development of a method for assessing the security of cyber-physical systems based on the Lotka–Volterra model. Security models of cyber-physical systems are proposed: “predator–prey” taking into account the computing capabilities and focus of targeted cyberattacks, “predator–prey” taking into account the possible competition of attackers in relation to the “prey”, “predator–prey” taking into account the relationships between “prey species” and “predator species”, “predator–prey” taking into account the relationship between “prey species” and “predator species”. Based on the proposed approach, the coefficients of the Lotka–Volterra model α=0.39, β=0.32, γ=0.29, φ=0.27 were obtained, which take into account the synergy and hybridity of modern threats, funding for the formation and improvement of the protection system, and also allow determining the financial and computing capabilities of the attacker based on the identified threats. The proposed method for assessing the security of cyber-physical systems is based on the developed threat classifier, allows assessing the current security level and provides recommendations regarding the allocation of limited protection resources based on an expert assessment of known threats. This approach allows offline dynamic simulation, which makes it possible to timely determine attackers' capabilities and form preventive protection measures based on threat analysis. In the simulation, actual bases for assessing real threats and incidents in cyber-physical systems can be used, which allows an expert assessment of their impact on both individual security services and security components (cyber security, information security and security of information). The presented simulation results do not contradict the graphical results of the classical Lotka–Volterra model, which indicates the adequacy of the proposed approach for assessing the security of cyber-physical systems
- «
- 1 (current)
- 2
- 3
- »