SYSTEMATIZATION OF SIGNS OF UNAUTHORIZED ACCESS TO CORPORATE INFORMATION BASED ON APPLICATION OF CRYPTOGRAPHIC PROTECTION METHODS
DOI:
https://doi.org/10.18372/2225-5036.30.18615Keywords:
unauthorized access, cryptographic methods of protection, hashing algorithm, hash value, hidden key, stabilityAbstract
Recently, an increase in incidents of unauthorized access to corporate information has been detected. The article considers an approach aimed at solving the issue of developing a method whose main purpose is to propose a scheme for protecting corporate information from any unauthorized access using a cryptographic algorithm. The reliability of the algorithm is achieved by combining a cryptographic algorithm with a secret key. The implementation of a binary template as a secret key, which is integrated into the process of generating a hash value using the MD5 hashing algorithm, is characterized by a relatively high degree of stability and reliability. The subsequent comparison of the obtained hash value with the stored one is carried out in order to effectively manage access to corporate information. The use of a hidden key in the hashing algorithm means that the data is used as an additional input to a one-way function that hashes the password. Thus, the method of the chosen cryptographic scheme demonstrates effectiveness in ensuring the confidentiality, integrity and availability of corporate information.
References
Saibal K. Pal, Diwakar Bhardwaj, Rajat Kumar & Varun Bhatia. A New Cryptographic Hash Function based on Latin Squares and Non-linear Transforma-tions. IEEE International Advance Computing Confer-ence (IACC 2009) Patiala, India, 6-7 March 2009.
R. Steinwandt, M. Grassl, W. Geiselmann, Beth, T., Weaknesses in the SL2(F2n) hashing scheme. In CRYPTO 2000. Lecture Notes Computer Science, vol. 1880 (Springer, Berlin, 2000), pp. 287-299.
K.S. Abdukhalikov, C. Kim, On the security of the hashing scheme based on SL2. In Fast Software Encryption 1998. Lecture Notes Computer Science, vol. 1372 (Springer, Berlin, 1998), pp. 93-102.
. Meng YK, Wok L. Adaptive non-critical alarm reduction using hash-based contextual signatures in intrusion detection. Computer Communications. 2014 Feb; 38: 50-9.
Wang C, Zhang X, Zheng Z. Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme. Plos One. 2016; 11(2): e0149173.
Maitra T, Obaidat MS, Islam SH, Giri D, Amin R. Security analysis and design of an efficient ECC-based two-factor password authentication scheme. Secur Commun Netw. 2016; 9(17): 4166-4181.
Murillo-Escobar M, Cruz-Hernandez C, Abundiz-Perez F, Lopez-Gutierrez R. A robust embed-ded biometric authentication system based on finger-print and chaotic encryption. Expert Systems with Applications. 2015 Nov; 42(21): 8198-211.
Mihailescu M. New enrollment scheme for biometric template using hash chaos-based cryptog-raphy. Procedia Engineering. 2014 Mar; 69:1459-68.
Yu J, Hao R, Zhao H, Shu M, Fan J. IRIBE: In-trusion-Resilient Identity-Based Encryption. Infor-mation Sciences. 2016 Feb; 329:90-104.
Guo H, Wang P, Zhang X, Huang Y, Ma F. A robust anonymous biometric-based authenticated key agreement scheme for multi-server environments. Plos One. 2017; 12(11): e0187403. https: // doi.org / 10.1371/ journal. pone. 0187403 PMID: 29121050.
Yang L, Zheng Z. Cryptanalysis and im-provement of a biometrics-based authentication and key agreement scheme for multi-server environments. Plos One. 2018; 13(3): e0194093. https: // doi.org/10.1371/ journalpone.0194093 PMID: 29534085.
Jo Hyang-Rim, Pak Kyong-Sok, Kim Chung-Hyok, Zhang Il-Jin: Cryptanalysis and improved mutu-al authentication key agreement protocol using pseudo-identity. PLoS ONE , Volume 17 (7), Jul 28, 2022.
Ghosh R, Verma S, Kumar R, Kumar S, Ram S. Design of hash algorithm using Latin square. Proce-dia Computer Science, Jan 1, 2015.
Zhao T, Ran Q, Yuan L, Chi Y, Ma J. Image encryption using fingerprint as key based on phase retrieval algorithm and public key cryptography. PLoS ONE , Volume 17 (9), Sep 16, 2022.
Politou Eugenia, Alepis Efthimios, Patsakis Constantinos. Forgetting personal data and revoking consent under the GDPR: Challenges and proposed solutions. Journal of Cybersecurity , Volume 4 (1), Jan 1, 2018.
Azzaz Mohamed Salah, Tanougast Camel, Maali Abdelmadjid, Benssalah Mustapha. An efficient and lightweight multi‐scroll chaos‐based hardware solution for protecting fingerprint biometric templates. Inter-national Journal of Communication Systems , Volume 33 (10), Jul 10, 2020.
Vijayarajan R, Gnanasivam P, Avudaiammal R. Bio-Key Based AES for Personalized Image Cryptog-raphy. The Computer Journal , Volume 62 (11), Nov 11, 2019.
Kocher P, Jaffe J, Jun B, Rohatgi P. Introduc-tion to differential power analysis. Journal of Crypto-graphic Engineering. 2011; 1(1): 5–27.
Tzeng SF, Horng SJ, Li T, Wang X, Huang PH, Khan MK. Enhancing Security and Privacy for Identitybased Batch Verification Scheme in VANET. IEEE Tran¬sactions on Vehicular Technology. 2017; 66 (4):3235–3248.