Kravchenko P. Model and methods of ensuring security in combined public key infrastructures

Research object - the processes of cryptographic transformations in public key infrastructure for the agreement of system parameters, key generation and encryption. Research target is to develop the model and methods of ensuring security in combined public key infrastructures by using the unique system parameters and security policies for sets of users, which allows to implement a model of mutual distrust and mutual protection. Methods of research: methods of the numbers' theory - during the development of models and methods for combined PKI, analysis and synthesis of combined PKI, methods of probability theory to determine the security of cryptographic transformations such as encryption and availability of distributed private key generator, methods of practical cryptography and system analysis when comparing existing combined PKI, methods of modeling software processes in the implementation of cryptographic transformations and so on. Scientific novelty: 1) a new model of the combined public key infrastructure, which is characterized by using a unique system parameters and security policies for identity-based PKIs, ensuring the integrity of identifiers and system parameters, which allows to implement a model of mutual distrust and mutual protection; 2) improved encryption method for the combined PKI, which differs mechanisms for check system parameters and receiver identifier, and allows users, which don't have agreed system parameters, to interact and reduces the number of operations required for 3 times compared with the prototype; 3) improved key-issuing method for the combined PKI, which differs from existing in parallel requests to the distributed private key generator and calculation of private key on user side and allows to increase rate of availability of distributed private key generator; 4) improved method for security analysis of cryptoprotocols, which differs from the existing in matching terms in previous sessions of the protocol and protocol sessions with other participants, that allows to find protolols that are not forward secure. Degree of implementation - the research results are used in the LLC "IIT" (act of 12.10.2011) scientific statements, conclusions, and recommendations contained in the thesis are used in courses "Applied Cryptology" and "Cryptographic systems and protocols" which are taught to students of Kharkiv National University of Radio Electronics (act of 06.09.2010). The scope of use - in organizations that deal with development, research, implementation and operation of complex systems of protect information; in the education process for preparing specialists in the area of information security.