Development of an improved SSL/TLS protocol using post-quantum algorithms

Authors

DOI:

https://doi.org/10.15587/1729-4061.2023.281795

Keywords:

improved SSL/TLS protocol, post-quantum encryption algorithms, improved UMAC algorithm, algebraic geometric codes, flawed codes

Abstract

The development of Internet technologies together with mobile and computer technologies have formed smart technologies that allow the formation of both cyber-physical and socio-cyber-physical systems. The basis of smart technologies is the integration of wireless channel standards with mobile and computer protocols. 4G/5G technologies are integrated with various web platforms, taking into account the digitalization of services in cyberspace. But the SSL/TLS protocol, based on the hybridization of symmetric encryption algorithms with hashing algorithms (AEAD mode), which is supposed to provide security services, is vulnerable to “Meet in the middle”, POODLE, BEAST, CRIME, BREACH attacks. In addition, with the advent of a full-scale quantum computer, symmetric and asymmetric cryptography algorithms that provide security services can also be hacked. To increase the level of security, an improved protocol based on post-quantum algorithms – crypto-code constructions is proposed, which will ensure not only resistance to current attacks, but also stability in the post-quantum period. To ensure the “hybridity” of services, it is proposed to use the McEliece and Niederreiter crypto-code constructions (confidentiality and integrity are ensured) and the improved UMAC algorithm on the McEliece crypto-code construction. Taking into account the level of “secrecy” of information, it is suggested to use various combinations of crypto-code constructions on different algebraic geometric and/or flawed codes. The use of crypto-code constructions not only provides resistance to attacks, but also simplifies the formation of a connection – the parameters of elliptic curves are used to transmit a common key. This approach significantly reduces the connection time of mobile gadgets and simplifies the procedure of agreement before data transfer

Author Biographies

Serhii Yevseiev, National Technical University “Kharkiv Polytechnic Institute”

Doctor of Technical Sciences, Professor, Head of Department

Department of Cyber Security

Alla Havrylova, National Technical University “Kharkiv Polytechnic Institute”

Senior Lecturer

Department of Cyber Security

Stanislav Milevskyi, National Technical University “Kharkiv Polytechnic Institute”

PhD, Associate Professor

Department of Cyber Security

Igor Sinitsyn, Institute of Software Systems of the National Academy of Sciences of Ukraine

Doctor of Technical Sciences, Senior Researcher

Volodymyr Chalapko, Military Institute for Tank Troops

Faculty of Weapons and Military Equipment

Hennady Dukin, Ivan Kozhedub Kharkiv National Air Force University

PhD, Associate Professor

Department of Aviation Radiotechnical Systems of Navigation and Landing

Vitalii Hrebeniuk, National Academy of the Security Service of Ukraine

Doctor of Law, Senior Reseacher, First Vice-Rector

Lala Bekirova, Azerbaijan State Oil and Industry University

Doctor of Technical Science, Professor, Head of Department

Department of Instrumentation Engineering

Oleksandr Shpak, Uzhhorod National University

PhD, Associate Professor

Department of Software Systems

References

  1. Arora, J. et al. (2023). Securing web documents by using piggybacked framework based on Newton's forward interpolation method. Journal of Information Security and Applications, 75, 103498. doi: https://doi.org/10.1016/j.jisa.2023.103498
  2. Yevseiev, S., Hryshchuk, R., Molodetska, K., Nazarkevych, M., Hrytsyk, V., Milov, O. et al.; Yevseiev, S., Hryshchuk, R., Molodetska, K., Nazarkevych, M. (Eds.) (2022). Modeling of security systems for critical infrastructure facilities. Kharkiv: РС ТЕСHNOLOGY СЕNTЕR, 196. doi: https://doi.org/10.15587/978-617-7319-57-2
  3. Saribas, S., Tonyali, S. (2022). Performance Evaluation of TLS 1.3 Handshake on Resource-Constrained Devices Using NIST's Third Round Post-Quantum Key Encapsulation Mechanisms and Digital Signatures. 2022 7th International Conference on Computer Science and Engineering (UBMK). doi: https://doi.org/10.1109/ubmk55850.2022.9919545
  4. Khan, N. A., Khan, A. S., Kar, H. A., Ahmad, Z., Tarmizi, S., Julaihi, A. A. (2022). Employing Public Key Infrastructure to Encapsulate Messages During Transport Layer Security Handshake Procedure. 2022 Applied Informatics International Conference (AiIC). doi: https://doi.org/10.1109/aiic54368.2022.9914605
  5. Ramraj, S., Usha, G. (2023). Signature identification and user activity analysis on WhatsApp Web through network data. Microprocessors and Microsystems, 97, 104756. doi: https://doi.org/10.1016/j.micpro.2023.104756
  6. Nie, P., Wan, C., Zhu, J., Lin, Z., Chen, Y., Su, Z. (2023). Coverage-directed Differential Testing of X.509 Certificate Validation in SSL/TLS Implementations. ACM Transactions on Software Engineering and Methodology, 32 (1), 1–32. doi: https://doi.org/10.1145/3510416
  7. Berbecaru, D. G., Petraglia, G. (2023). TLS-Monitor: A Monitor for TLS Attacks. 2023 IEEE 20th Consumer Communications & Networking Conference (CCNC). https://doi.org/10.1109/ccnc51644.2023.10059989
  8. Wang, K., Zheng, Y., Zhang, Q., Bai, G., Qin, M., Zhang, D., Dong, J. S. (2022). Assessing certificate validation user interfaces of WPA supplicants. Proceedings of the 28th Annual International Conference on Mobile Computing And Networking. doi: https://doi.org/10.1145/3495243.3517026
  9. Kottur, S. Z., Kadiyala, K., Tammana, P., Shah, R. (2022). Implementing ChaCha based crypto primitives on programmable SmartNICs. Proceedings of the ACM SIGCOMM Workshop on Formal Foundations and Security of Programmable Network Infrastructures. doi: https://doi.org/10.1145/3528082.3544833
  10. Chen, L., Li, X., Yang, Z., Qian, S. (2022). Blockchain-based high transparent PKI authentication protocol. Chinese Journal of Network and Information Security, 8 (4), 1–11. doi: https://doi.org/10.11959/j.issn.2096-109x.2022052
  11. Zhang, Z., Zhang, H., Wang, J., Hu, X., Li, J., Yu, W. et al. (2023). QKPT: Securing Your Private Keys in Cloud With Performance, Scalability and Transparency. IEEE Transactions on Dependable and Secure Computing, 20 (1), 478–491. doi: https://doi.org/10.1109/tdsc.2021.3137403
  12. Zhou, Z., Bin, H., Li, J., Yin, Y., Chen, X., Ma, J., Yao, L. (2022). Malicious encrypted traffic features extraction model based on unsupervised feature adaptive learning. Journal of Computer Virology and Hacking Techniques, 18 (4), 453–463. doi: https://doi.org/10.1007/s11416-022-00429-y
  13. Bertok, C., Huszti, A., Kovacs, S., Olah, N. (2022). Provably secure identity-based remote password registration. Publicationes Mathematicae Debrecen, 100, 533–565. doi: https://doi.org/10.5486/pmd.2022.suppl.1
  14. Aayush, A., Aryan, Y., Muniyal, B. (2022). Understanding SSL Protocol and Its Cryptographic Weaknesses. 2022 3rd International Conference on Intelligent Engineering and Management (ICIEM). doi: https://doi.org/10.1109/iciem54221.2022.9853153
  15. Guo, S., Zhang, F., Song, Z., Zhao, Z., Zhao, X., Wang, X., Luo, X. (2022). Detection of SSL/TLS protocol attacks based on flow spectrum theory. Chinese Journal of Network and Information Security, 8 (1), 30–40. doi: https://doi.org/10.11959/j.issn.2096-109x.2022004
  16. Arunkumar, B., Kousalya, G. (2022). Secure and Light Weight Elliptic Curve Cipher Suites in SSL/TLS. Computer Systems Science and Engineering, 40 (1), 179–190. doi: https://doi.org/10.32604/csse.2022.018166
  17. Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O., Korol, O., Milevskyi, S. et al.; Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O. (Eds.) (2021). Synergy of building cybersecurity systems. Kharkiv: РС ТЕСHNOLOGY СЕNTЕR, 188. doi: https://doi.org/10.15587/978-617-7319-31-2
  18. Gavrilova, A., Volkov, I., Kozhedub, Y., Korolev, R., Lezik, O., Medvediev, V. et al. (2020). Development of a modified UMAC algorithm based on crypto­code constructions. Eastern-European Journal of Enterprise Technologies, 4 (9 (106)), 45–63. doi: https://doi.org/10.15587/1729-4061.2020.210683
  19. Guide for Cybersecurity Event Recovery. NIST. Available at: https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-184.pdf
  20. Security requirements for cryptographic modules. Available at: https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf
  21. Guide to LTE Security. Available at: https://csrc.nist.gov/csrc/media/publications/sp/800-187/draft/documents/sp800_187_draft.pdf
  22. Report on Post-Quantum Cryptography. Available at: https://csrc.nist.gov/publications/detail/nistir/8105/final
  23. Bernstein, D. J., Buchmann, J., Dahmen, E. (Eds.). (2009). Post-Quantum Cryptography. Springer. doi: https://doi.org/10.1007/978-3-540-88702-7
  24. Pohasii, S., Yevseiev, S., Zhuchenko, O., Milov, O., Lysechko, V., Kovalenko, O. et al. (2022). Development of crypto-code constructs based on LDPC codes. Eastern-European Journal of Enterprise Technologies, 2 (9 (116)), 44–59. doi: https://doi.org/10.15587/1729-4061.2022.254545
  25. Korol, O., Havrylova, A., Yevseiev, S. (2019). Practical UMAC algorithms based on crypto code designs. Przetwarzanie, transmisja i bezpieczenstwo informacji. Vol. 2. Bielsko-Biala: Wydawnictwo naukowe Akademii Techniczno-Humanistycznej w Bielsku-Bialej, 221–232.
  26. Carter, J. L., Wegman, M. N. (1979). Universal classes of hash functions. Journal of Computer and System Sciences, 18 (2), 143–154. doi: https://doi.org/10.1016/0022-0000(79)90044-8
  27. Bierbrauer, J., Johansson, T., Kabatianskii, G., Smeets, B. (2001). On Families of Hash Functions via Geometric Codes and Concatenation. Lecture Notes in Computer Science, 331–342. doi: https://doi.org/10.1007/3-540-48329-2_28
  28. Bettaieb, S., Bidoux, L., Blazy, O., Cottier, B., Pointcheval, D. (2023). Post-quantum and UC-Secure Oblivious Transfer from SPHF with Grey Zone. Lecture Notes in Computer Science, 54–70. doi: https://doi.org/10.1007/978-3-031-30122-3_4
  29. Mishhenko, V. A., Vilanskij, Ju. V., (2007). Ushherbnye teksty i mnogokanal'naja kriptografija [Damaged texts and multichannel cryptography]. Minsk: Jenciklopediks, 292.
  30. Mishhenko, V. A., Vilanskij, Ju. V., Lepin, V. V. (2006) “Kriptograficheskij algoritm MV 2 [Cryptographic algorithm MV 2]. Minsk: Jenciklopediks, 176.
Development of an improved SSL/TLS protocol using post-quantum algorithms

Downloads

Published

2023-06-30

How to Cite

Yevseiev, S., Havrylova, A., Milevskyi, S., Sinitsyn, I., Chalapko, V., Dukin, H., Hrebeniuk, V., Diedov, M., Bekirova, L., & Shpak, O. (2023). Development of an improved SSL/TLS protocol using post-quantum algorithms. Eastern-European Journal of Enterprise Technologies, 3(9 (123), 33–48. https://doi.org/10.15587/1729-4061.2023.281795

Issue

Vol. 3 No. 9 (123) (2023): Information and controlling system

Section

Information and controlling system

License

Copyright (c) 2023 Serhii Yevseiev, Alla Havrylova, Stanislav Milevskyi, Igor Sinitsyn, Volodymyr Chalapko, Hennady Dukin, Vitalii Hrebeniuk, Mykhailo Diedov, Lala Bekirova, Oleksandr Shpak

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The consolidation and conditions for the transfer of copyright (identification of authorship) is carried out in the License Agreement. In particular, the authors reserve the right to the authorship of their manuscript and transfer the first publication of this work to the journal under the terms of the Creative Commons CC BY license. At the same time, they have the right to conclude on their own additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, but provided that the link to the first publication of the article in this journal is preserved.

A license agreement is a document in which the author warrants that he/she owns all copyright for the work (manuscript, article, etc.).
The authors, signing the License Agreement with TECHNOLOGY CENTER PC, have all rights to the further use of their work, provided that they link to our edition in which the work was published.
According to the terms of the License Agreement, the Publisher TECHNOLOGY CENTER PC does not take away your copyrights and receives permission from the authors to use and dissemination of the publication through the world's scientific resources (own electronic resources, scientometric databases, repositories, libraries, etc.).
In the absence of a signed License Agreement or in the absence of this agreement of identifiers allowing to identify the identity of the author, the editors have no right to work with the manuscript.
It is important to remember that there is another type of agreement between authors and publishers – when copyright is transferred from the authors to the publisher. In this case, the authors lose ownership of their work and may not use it in any way.