Development of a modified UMAC algorithm based on crypto-code constructions

Authors

DOI:

https://doi.org/10.15587/1729-4061.2020.210683

Keywords:

authenticity, hashing algorithm, crypto-code constructions, elliptic codes, modified elliptic codes, damaged codes, UMAC algorithm, MV2 algorithm (universal damage mechanism), post-quantum cryptography

Abstract

The development of computer technology has determined the vector for the expansion of services based on the Internet and “G” technologies. The main requirements for modern services in the banking sector are security and reliability. Here security is understood as ensuring not only the confidentiality and integrity of transactions, but also their authenticity. However, for the post-quantum period, US NIST specialists question the durability of modern means of providing basic security services based on symmetric and asymmetric cryptography algorithms. The increase in computing resources allows attackers to use modern threats in combination. Thus, there is a need to search for new algorithms and/or modify known algorithms for generating MACs (message authentication codes). In addition, the growth of services increases the amount of information that needs to be authenticated. Among the well-known hash algorithms, universal hash functions stand out, because they allow the number of collisions and their uniform distribution over the entire set of hash codes to be determined in advance. The possibilities of modifying the cascade hashing algorithm UMAC (message authentication code based on universal hashing, universal MAC) based on the use of the McEliece crypto-code construction on algebrogeometric codes (elliptic codes (EC), modified elliptic codes (MEC) and damaged codes (DC)) are considered. This approach allows preserving the uniqueness property, in contrast to the classical UMAC scheme based on a block symmetric cipher (AES). The presented algorithms for evaluating the properties of universality and strict universality of hash codes make it possible to evaluate the security of the proposed hashing constructs based on universal hash functions, taking into account the preservation of the universality property.

Author Biographies

Alla Gavrilova, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

Senior Lecturer

Department of Cybersecurity and Information Technologies

Ihor Volkov, Scientific-Research Center of Missile Troops and Artillery Herasima Kondratieva str., 165, Sumy, Ukraine, 40021

PhD

Yuliia Kozhedub, Institute of Special Communication and Information Security of National Technical University of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute” Verkhnokliuchova str., 4, Kyiv, Ukraine, 03056

PhD

Scientific and Organizational Department of the Scientific and Research Center

Roman Korolev, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

PhD

Department of Cybersecurity and Information Technologies

Oleksandr Lezik, Ivan Kozhedub Kharkiv National Air Force University Sumska str., 77/79, Kharkiv, Ukraine, 61023

PhD, Associate Professor

Department of Defense Police Tactics SB

Volodymyr Medvediev, National Defence University of Ukraine named after Ivan Cherniakhovskyi Povitroflotskyi ave., 28, Kyiv, Ukraine, 03049

PhD, Professor

Department of Radio-Technical and Special Troops

Oleksandr Milov, Simon Kuznets Kharkiv National University of Economics Nauky ave., 9-А, Kharkiv, Ukraine, 61166

PhD, Professor

Department of Cybersecurity and Information Technologies

Bogdan Tomashevsky, Ternopil Ivan Puluj National Technical University Ruska str., 56, Ternopil, Ukraine, 46001

PhD, Associate Professor

Department of Cyber Security

Andrii Trystan, Ivan Kozhedub Kharkiv National Air Force University Sumska str., 77/79, Kharkiv, Ukraine, 61023

Doctor of Technical Sciences, Senior Research, Head of Scientific Research Department

Head of Scientific Research Department Scientific Center

Oksana Chekunova, Ivan Kozhedub Kharkiv National Air Force University Sumska str., 77/79, Kharkiv, Ukraine, 61023

PhD

Published

2020-08-31

How to Cite

Gavrilova, A., Volkov, I., Kozhedub, Y., Korolev, R., Lezik, O., Medvediev, V., Milov, O., Tomashevsky, B., Trystan, A., & Chekunova, O. (2020). Development of a modified UMAC algorithm based on crypto-code constructions. Eastern-European Journal of Enterprise Technologies, 4 (9 (106)), 45–63. https://doi.org/10.15587/1729-4061.2020.210683

Section

Information and controlling system