The development of the method of multifactor authentication based on hybrid crypto­code constructions on defective codes

Authors

DOI:

https://doi.org/10.15587/1729-4061.2017.109879

Keywords:

McEliece and Niederreiter hybrid crypto-code systems on flawed codes, multi-factor authentication

Abstract

The proposed security mechanisms in hybrid-crypto-code systems, based on Niederreiter and McEliece modified asymmetric crypto-code systems on flawed codes allow further use of the methods of strict two-factor authentication on OTP passwords (OTP based 2FA). To ensure the required security and efficiency in the multi-factor authentication protocol, the McEliece and Niederreiter modified asymmetric crypto-code systems, allowing integrated reliability provision in information transmission on the basis of error-correction coding on elliptic codes are used. The use of the MV2 algorithm ensures an increase in the total entropy of the key and the physical separation of the transmission of the authenticator parts by various mobile/Internet communication channels based on multi-channel cryptography systems on flawed codes. The proposed mathematical models and algorithms for the practical implementation of the Niederreiter and McEliece HCCSFC make it possible to significantly reduce the energy capacity of group operations by reducing the power of the Galois field to GF 24–26 by additional transformations based on the MV2 algorithm, ensuring the required cryptographic strength

Author Biographies

Serhii Yevseiev, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

PhD, Associate Professor, Senior Researcher

Department of Information Systems 

Hryhorii Kots, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

PhD, Associate Professor

Department of Information Systems 

Sergii Minukhin, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

Doctor of Technical Sciences, Professor

Department of Information Systems 

Olga Korol, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

PhD, Associate Professor

Department of Information Systems

Anna Kholodkova, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

PhD, Associate Professor

Department of Information Systems 

References

  1. Yevseiev, S., Korol, O., Kots, H. (2017). Construction of hybrid security systems based on the crypto-code structures and flawed codes. Eastern-European Journal of Enterprise Technologies, 4 (9 (88)), 4–21. doi: 10.15587/1729-4061.2017.108461
  2. Litvinov, V. A., Lypko, E. V., Yakovleva, A. A. Informacionnaya bezopasnost' vysshego uchebnogo zavedeniya v ramkah sovremennoy globalizacii. Available at: http://conference.osu.ru/assets/files/conf_reports/conf13/132.doc
  3. Rose, S., Barker, W. C., Jha, S., Irrechukwu, C., Waltermire, K. (2016). Domain name systems-based electronic mail security. U. S. Department of Commerce Penny Pritzker, Secretary, 240. Available at: https://nccoe.nist.gov/sites/default/files/library/sp1800/dns-secure-email-sp1800-6-draft.pdf
  4. Dang, Q. (2012). Recommendation for Applications Using Approved Hash Algorithms. U. S. Department of Commerce, 25. Available at: http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-107r1.pdf
  5. Shnayder, B. (2012). Prikladnaya kriptografiya. Protokoly, algoritmy, iskhodnye teksty na yazyke Si. Moscow: Triumf, 815.
  6. Grassi, P. A., Fenton, J. L., Newton, E. M., Perlner, R. A., Regenscheid, A. R., Burr, W. E. et. al. (2017). Digital identity guidelines: authentication and lifecycle management. NIST. doi: 10.6028/nist.sp.800-63b
  7. Barrett, M., Marron, J., Pillitteri, V. Y., Boyens, J., Witte, G., Feldman, L. (2017). The Cybersecurity Framework. NIST, 41. Available at: http://csrc.nist.gov/publications/drafts/nistir-8170/nistir8170-draft.pdf
  8. Cichonski, J., Franklin, J. M., Bartock, M. (2016). Guide to LTE Security. NIST, 48. Available at: http://csrc.nist.gov/publications/drafts/800-187/sp800_187_draft.pdf
  9. Shapiro, L. (2012). Autentifikaciya na osnove odnorazovyh paroley. Teoreticheskie osnovy. Chast' 1. Sistemnyy administrator, 9, 88–91.
  10. Shapiro, L. (2012). Autentifikaciya i odnorazovye paroli. Chast' 2. Vnedrenie OTP dlya autentifikacii v AD. Sistemnyy administrator, 10.
  11. Kelsey, J., Change, S., Perlner, R. (2016). SHA-3 derived functions: cSHAKE, KMAC, TupleHash and ParallelHash. NIST. doi: 10.6028/nist.sp.800-185
  12. Yevseiev, S. P., Abdullaev, V. G. (2015). Monitoring algorithm of two-factor authentication method based on рasswindow system. Eastern-European Journal of Enterprise Technologies, 2 (2 (74)), 9–16. doi: 10.15587/1729-4061.2015.38779
  13. Yevseiev, S. P., Abdullaev, V. G., Agazade, Zh. F., Abbasova, V. S. (2016). Usovershenstvovanie metoda dvuhfaktornoy autentifikacii na osnove ispol'zovaniya modificirovannyh kripto-kodovyh skhem. Systemy obrobky informatsyi, 9 (146), 132–144.
  14. Yevseiev, S., Hryhoryi, K., Liekariev, Y. (2016). Developing of multi-factor authentication method based on niederreiter-mceliece modified crypto-code system. Eastern-European Journal of Enterprise Technologies, 6 (4 (84)), 11–23. doi: 10.15587/1729-4061.2016.86175
  15. Meyer, D. (2016). Time is running out for this popular online security technique. FORTUNE. Available at: http://fortune.com/2016/07/26/nist-sms-two-factor/
  16. Hackett, R. (2016). You’re implementing this basic security feature all wrong. FORTUNE. Available at: http://fortune.com/2016/06/27/two-factor-authentication-sms-text/
  17. Bartock, M., Cichonski, J., Souppaya, M., Smith, M., Witte, G., Scarfone, K. (2016). Guide for cybersecurity event recovery. NIST. doi: 10.6028/nist.sp.800-184
  18. Security requirements for cryptographic modules (2001). Change Notices. doi: 10.6028/nist.fips.140-2
  19. Annex A: Approved Security Functions for FIPS PUB 140-2 (2017). U. S. Department of Commerce. Available at: http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexa.pdf
  20. Annex B: Approved Protection Profiles for FIPS PUB 140-2 (2016). U. S. Department of Commerce. Available at: http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexb.pdf
  21. Annex C: Approved Random Number Generators for FIPS PUB 140-2 (2016). U. S. Department of Commerce. Available at: http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexc.pdf
  22. Yevseiev, S., Rzayev, K., Korol, O., Imanova, Z. (2016). Development of mceliece modified asymmetric crypto-code system on elliptic truncated codes. Eastern-European Journal of Enterprise Technologies, 4 (9 (82)), 18–26. doi: 10.15587/1729-4061.2016.75250
  23. Mishchenko, V. A., Vilanskiy, Yu. V. (2007). Ushcherbnye teksty i mnogokanal'naya kriptografiya. Minsk: Enciklopediks, 292.
  24. Mishchenko, V. A., Vilanskiy, Yu. V., Lepin, V. V. (2006). Kriptograficheskiy algoritm MV 2. Minsk, 177.
  25. Shennon, K. E. (1963). Teoriya svyazi v sekretnyh sistemah. Raboty po teorii informacii i kibernetike. Moscow: Il, 333–402.

Downloads

Published

2017-10-19

How to Cite

Yevseiev, S., Kots, H., Minukhin, S., Korol, O., & Kholodkova, A. (2017). The development of the method of multifactor authentication based on hybrid crypto­code constructions on defective codes. Eastern-European Journal of Enterprise Technologies, 5(9 (89), 19–35. https://doi.org/10.15587/1729-4061.2017.109879

Issue

Section

Information and controlling system