Threat models for asymmetric cryptotransformations of the promising electronic signature
DOI:
https://doi.org/10.30837/rt.2020.3.202.07Keywords:
asymmetric ES, classical and quantum cryptanalysis, threat model in ES synthesis, threat model in ES application, list of ES threats, post-quantum period.Abstract
The paper considers the concept of a threat model, presents the results of substantiation and development of proposals for building a threat model for asymmetric cryptotransformations such as a promising electronic signature (ES), which can be used in the post-quantum period. The generalized models of threats concerning perspective ES are stated in detail and their estimation is given. Threat models for promising ES using classical and quantum cryptanalysis methods and tools, threat models for synthesis and application of ES in general, as well as threat models for synthesis and application of ES in the post-quantum period are proposed. A list of threats is identified based on the results of the analysis of the methods of synthesis and application of known and promising ES. Proposals are formulated for a list of threats for which protection should be provided. The list of threats is determined using the IT-Grundschutz Catalogues of the German database, and based on this a threat model is formed. It is determined that the threats to the use of classical cryptanalysis in the synthesis and application of EP must be identified in detail unconditionally. The main threats (methods) of classical cryptanalysis that must be taken into account are identified. Possible variants of side channel attacks are considered. The main threats (attacks) using quantum mathematical methods that can be implemented on a quantum computer (of course, if it is built). A comparative analysis of the complexity of factorization for classical and quantum algorithms, as well as a comparative analysis of the complexity of the algorithm of discrete logarithm in a finite field based on the sieve of a numerical field and the Shore algorithm are given. Threats (attacks) are considered on the example of the problem of stability of cryptotransformations based on learning with errors (LWE). In general, attacks on LWE can be divided into 2 major classes – attacks based on bust and attacks based on lattice reduce. Preliminary analysis allows us to conclude that modern versions of LWE mechanisms are based on polynomial rings.References
Наказ від 20.07.2007 №141 «Положення про порядок розроблення, виробництва та експлуатації засобів криптографічного захисту конфіденційної та відкритої інформації з використанням електронного цифрового підпису» № 862/14129.
Закон України «Про основні засади забезпечення кібербезпеки України» // Відомості Верховної Ради (ВВР). 2017. № 45, ст. 403.
Закон України «Про електронні довірчі послуги» // Відомості Верховної Ради (ВВР). 2017. № 45, ст. 400.
Горбенко Ю. І. Методи побудування та аналізу криптографічних систем. Харків : Форт, 2015. 959 с.
Горбенко І. Д. Прикладна криптологія : монографія / І. Д. Горбенко, Ю. І. Горбенко. 2-ге вид. Харків : Форт, 2012. 868 с.
Gorjan Alagic Status Report on the Second Round of the NIST Post-Quantum Cryptography Standardization Process. NISTIR 8309 / Gorjan Alagic, Jacob Alperin-Sheriff, Daniel Apon, David Cooper, Quynh Dang, John Kelsey, Yi-Kai Liu, Carl Miller, Dustin Moody, Rene Peralta, Ray Perlner, Angela Robinson, Daniel Smith-Tone // 22 July 2020.Режим доступу: https://doi.org/10.6028/NIST.IR.8309.
ЕП Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, Peter Schwabe, Gregor Seiler and Damien Stehlé CRYSTALS-Dilithium: Algorithm Specifications and Supporting Documentation.Access mode: https://pq-crystals.org/dilithium/data/dilithium-specification.pdf.
Горбенко І. Д. Особливості побудування та аналіз електронних підписів 5 рівня безпеки для постквантового періоду на основі алгебраїчних решіток / І. Д. Горбенко, О. Г. Качко, А. М. Олексійчук, Ю. І. Горбенко, В. П. Звєрєв, М. В. Єсіна, В. А. Пономар // Прикладная радиоэлектроника. Харьков : ХНУРЭ, 2019.Т. 18, № 3, 4. С. 123–136.
Горбенко Ю. І. Аналіз можливостей квантових комп’ютерів та квантових обчислень для криптоаналізу сучасних криптосистем / Ю. І. Горбенко, Р. С. Ганзя. // Східно-європейський журнал передових технологій. 2014. № 1/9 (67). С. 8–15.
Квантовые компьютеры. [Електронний ресурс].Режим доступу: http://www.nkj.ru/archive/articles/5309/.
Горбенко І. Д., Постквантова криптографія та механізми її реалізації / І. Д. Горбенко, О. О. Кузнецов, О. В. Потій, Ю. І. Горбенко, Р. Ганзя, В. А. Пономар // Радиотехника. 2017. Вып. 186.С. 32–52.
Yesina Maryna Comparative Analysis of Key Encapsulation Mechanisms / Maryna Yesina, Mikolaj Karpinski, Volodymyr Ponomar, Yurij Gorbenko, Tomasz Gancarczyk, Uliana Iatsykovska // Proceedings of the 2019 10th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS). September 18-21.
Downloads
How to Cite
Issue
Section
License
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
