Shevchuk O. Digital signatures with higher speed

Thesis for the degree of Candidate of Sciences (CSc)

State registration number

0413U002332

Applicant for

Specialization

  • 05.13.21 - Information security systems

12-03-2013

Specialized Academic Board

К 64.052.05

Kharkiv National University Of Radio Electronics

Abstract

Object of study: the processes of producing digital signatures (DSS) with the required security level and increased computational speed.

Subject of research: providing the required level of security and increasing the computational speed of hardware security modules (HSMs) that implement the Ukrainian national DSS standard DSTU 4145-2002.

Research methods: complexity theory (evaluation of the security level); probability theory, mathematical statistics, cryptographic analysis (evaluation of full disclosure); software modeling and profiling (evaluation of the processes of cryptographic transformations); combinatorics.

Equipment: a personal computer.

Theoretical and practical results: the solution of a number of topical scientific and practical problems concerning the performance of the DSS-HSM combination, providing protection against their unauthorized use and, in some cases, increasing their speed.

Scientific novelty: a method of modifying scalar multiplication algorithms (on elliptic curves), based on partial caching and modification of the pseudorandom number generator (PRNG), which makes it possible to increase the speed of DSS computation. A method of protection against a full-disclosure attack that uses known results of cryptographic transformations and is carried out with a spoofed HSM is proposed for the first time. The method is based on a modified ISO/IEC 9798-2 6.1 authentication algorithm in which the symmetric cryptographic transformations are replaced with public-key ones. This allows the user to carry out exchanges with a trusted third party and provides safe distribution of HSM hardware by protecting against the HSM spoofing attack. A method of modifying the Ukrainian national DSS standard DSTU 4145-2002 is proposed so that it can be used in DSS with recovery mode while remaining partially compatible with existing implementations.

The main results have been implemented at JSC "Institute of Information Technologies"; within work devoted to the creation of virtual private networks, at NJSC "Naftogaz of Ukraine"; and in the educational process of Kharkov National University. The results can be used to improve HSMs.
