The development of the method of multifactor authentication based on hybrid crypto­code constructions on defective codes

Authors

DOI:

https://doi.org/10.15587/1729-4061.2017.109879

Keywords:

McEliece and Niederreiter hybrid crypto-code systems on flawed codes, multi-factor authentication

Abstract

The proposed security mechanisms in hybrid-crypto-code systems, based on Niederreiter and McEliece modified asymmetric crypto-code systems on flawed codes allow further use of the methods of strict two-factor authentication on OTP passwords (OTP based 2FA). To ensure the required security and efficiency in the multi-factor authentication protocol, the McEliece and Niederreiter modified asymmetric crypto-code systems, allowing integrated reliability provision in information transmission on the basis of error-correction coding on elliptic codes are used. The use of the MV2 algorithm ensures an increase in the total entropy of the key and the physical separation of the transmission of the authenticator parts by various mobile/Internet communication channels based on multi-channel cryptography systems on flawed codes. The proposed mathematical models and algorithms for the practical implementation of the Niederreiter and McEliece HCCSFC make it possible to significantly reduce the energy capacity of group operations by reducing the power of the Galois field to GF 24–26 by additional transformations based on the MV2 algorithm, ensuring the required cryptographic strength

Author Biographies

Serhii Yevseiev, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

PhD, Associate Professor, Senior Researcher

Department of Information Systems 

Hryhorii Kots, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

PhD, Associate Professor

Department of Information Systems 

Sergii Minukhin, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

Doctor of Technical Sciences, Professor

Department of Information Systems 

Olga Korol, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

PhD, Associate Professor

Department of Information Systems

Anna Kholodkova, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

PhD, Associate Professor

Department of Information Systems 

References

Yevseiev, S., Korol, O., Kots, H. (2017). Construction of hybrid security systems based on the crypto-code structures and flawed codes. Eastern-European Journal of Enterprise Technologies, 4 (9 (88)), 4–21. doi: 10.15587/1729-4061.2017.108461

Litvinov, V. A., Lypko, E. V., Yakovleva, A. A. Informacionnaya bezopasnost' vysshego uchebnogo zavedeniya v ramkah sovremennoy globalizacii. Available at: http://conference.osu.ru/assets/files/conf_reports/conf13/132.doc

Rose, S., Barker, W. C., Jha, S., Irrechukwu, C., Waltermire, K. (2016). Domain name systems-based electronic mail security. U. S. Department of Commerce Penny Pritzker, Secretary, 240. Available at: https://nccoe.nist.gov/sites/default/files/library/sp1800/dns-secure-email-sp1800-6-draft.pdf

Dang, Q. (2012). Recommendation for Applications Using Approved Hash Algorithms. U. S. Department of Commerce, 25. Available at: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-107r1.pdf

Shnayder, B. (2012). Prikladnaya kriptografiya. Protokoly, algoritmy, iskhodnye teksty na yazyke Si. Moscow: Triumf, 815.

Grassi, P. A., Fenton, J. L., Newton, E. M., Perlner, R. A., Regenscheid, A. R., Burr, W. E. et. al. (2017). Digital identity guidelines: authentication and lifecycle management. NIST. doi: 10.6028/nist.sp.800-63b

Barrett, M., Marron, J., Pillitteri, V. Y., Boyens, J., Witte, G., Feldman, L. (2017). The Cybersecurity Framework. NIST, 41. Available at: http://csrc.nist.gov/publications/drafts/nistir-8170/nistir8170-draft.pdf

Cichonski, J., Franklin, J. M., Bartock, M. (2016). Guide to LTE Security. NIST, 48. Available at: http://csrc.nist.gov/publications/drafts/800-187/sp800_187_draft.pdf

Shapiro, L. (2012). Autentifikaciya na osnove odnorazovyh paroley. Teoreticheskie osnovy. Chast' 1. Sistemnyy administrator, 9, 88–91.

Shapiro, L. (2012). Autentifikaciya i odnorazovye paroli. Chast' 2. Vnedrenie OTP dlya autentifikacii v AD. Sistemnyy administrator, 10.

Kelsey, J., Change, S., Perlner, R. (2016). SHA-3 derived functions: cSHAKE, KMAC, TupleHash and ParallelHash. NIST. doi: 10.6028/nist.sp.800-185

Yevseiev, S. P., Abdullaev, V. G. (2015). Monitoring algorithm of two-factor authentication method based on рasswindow system. Eastern-European Journal of Enterprise Technologies, 2 (2 (74)), 9–16. doi: 10.15587/1729-4061.2015.38779

Yevseiev, S. P., Abdullaev, V. G., Agazade, Zh. F., Abbasova, V. S. (2016). Usovershenstvovanie metoda dvuhfaktornoy autentifikacii na osnove ispol'zovaniya modificirovannyh kripto-kodovyh skhem. Systemy obrobky informatsyi, 9 (146), 132–144.

Yevseiev, S., Hryhoryi, K., Liekariev, Y. (2016). Developing of multi-factor authentication method based on niederreiter-mceliece modified crypto-code system. Eastern-European Journal of Enterprise Technologies, 6 (4 (84)), 11–23. doi: 10.15587/1729-4061.2016.86175

Meyer, D. (2016). Time is running out for this popular online security technique. FORTUNE. Available at: http://fortune.com/2016/07/26/nist-sms-two-factor/

Hackett, R. (2016). You’re implementing this basic security feature all wrong. FORTUNE. Available at: http://fortune.com/2016/06/27/two-factor-authentication-sms-text/

Bartock, M., Cichonski, J., Souppaya, M., Smith, M., Witte, G., Scarfone, K. (2016). Guide for cybersecurity event recovery. NIST. doi: 10.6028/nist.sp.800-184

Security requirements for cryptographic modules (2001). Change Notices. doi: 10.6028/nist.fips.140-2

Annex A: Approved Security Functions for FIPS PUB 140-2 (2017). U. S. Department of Commerce. Available at: http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexa.pdf

Annex B: Approved Protection Profiles for FIPS PUB 140-2 (2016). U. S. Department of Commerce. Available at: http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexb.pdf

Annex C: Approved Random Number Generators for FIPS PUB 140-2 (2016). U. S. Department of Commerce. Available at: http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexc.pdf

Yevseiev, S., Rzayev, K., Korol, O., Imanova, Z. (2016). Development of mceliece modified asymmetric crypto-code system on elliptic truncated codes. Eastern-European Journal of Enterprise Technologies, 4 (9 (82)), 18–26. doi: 10.15587/1729-4061.2016.75250

Mishchenko, V. A., Vilanskiy, Yu. V. (2007). Ushcherbnye teksty i mnogokanal'naya kriptografiya. Minsk: Enciklopediks, 292.

Mishchenko, V. A., Vilanskiy, Yu. V., Lepin, V. V. (2006). Kriptograficheskiy algoritm MV 2. Minsk, 177.

Shennon, K. E. (1963). Teoriya svyazi v sekretnyh sistemah. Raboty po teorii informacii i kibernetike. Moscow: Il, 333–402.

Published

2017-10-19

How to Cite

Yevseiev, S., Kots, H., Minukhin, S., Korol, O., & Kholodkova, A. (2017). The development of the method of multifactor authentication based on hybrid crypto­code constructions on defective codes. Eastern-European Journal of Enterprise Technologies, 5(9 (89), 19–35. https://doi.org/10.15587/1729-4061.2017.109879

Issue

Section

Information and controlling system