Перевод названия: The Method and Information System for the Exchange of Confidential Information in Open Computer Networks
Тип публикации: статья из журнала
Год издания: 2017
Идентификатор DOI: 10.17587/prin.8.359-368
Ключевые слова: защита информации, защита телекоммуникаций, оконечное шифрование, распределение ключей шифрования, information security, cryptoprotocols, telecommunication security, MITM-attack, shared secret key, end-to-end encryption, instant messaging applications, fault tolerance, security network protocol
Аннотация: Рассмотрена проблема защиты конфиденциальной информации в открытых компьютерных сетях. Разработан и предложен способ безопасного информационного обмена в открытых сетях, а также архитектура соответствующей информационной системы. В статье также отражены технологические аспекты разработки и надежности. Submitted article considers thПоказать полностьюe problem of protecting confidential information in open computer networks. The paper views the method and information system for instant messaging of confidential information in networks. The method is based on the idea of sharing cryptographic keys and distributing them through various network channels. The article reviews and analyzes the existing instant messaging applications including WhatsApp, Viber, Telegram, Threema in terms of security of information exchange. It is concluded that all the systems are subject to a classic MITM-attack on the key information coming from the server side. For example, this is possible for the government agencies with access to the server. The article proposes a model of the information system which basically solves this problem by dividing the shared secret via several communication channels. The Infrastructure of the encryption keys is described in detail, including the algorithms for their distribution. We also consider cryptographic primitives, which we used. The article considers the protocols of the network interaction of subscribers in the information system. In addition, the article describes the development technology, as well as the development tools which were used. The article deals with the architecture of the information system in terms of its load capacity and its scalability.
Журнал: Программная инженерия
Выпуск журнала: Т. 8, № 8
Номера страниц: 359-368
ISSN журнала: 22203397
Место издания: Москва
Издатель: Общество с ограниченной ответственностью Издательство Новые технологии