Journal "Software Engineering" (Programmnaya Ingeneria) | The Method and Information System for the Exchange of Confidential Information in Open Computer Networks

Main

New Issue

Archive

Most cited articles

Editor in chief

Editorial board

For the authors

Publishing ethic

Peer reviewing

Publishing House

Old site

Russian

Issue N8 2017 year

DOI: 10.17587/prin.8.359-368

The Method and Information System for the Exchange of Confidential Information in Open Computer Networks

A. N. Shniperov, ashniperov@sfu-kras.ru, A. P. Chistyakov, acella93@mail.ru, Siberian Federal University, Krasnoyarsk, 660074, Russian Federation

Corresponding author: Shniperov Alexey N., Head of Information Security Laboratory, Siberian Federal University, Krasnoyarsk, 660074, Russian Federation, E-mail: ashniperov@sfu-kras.ru

Received on April 26, 2017

Accepted on May 29, 2017

Submitted article considers the problem of protecting confidential information in open computer networks. The paper views the method and information system for instant messaging of confidential information in networks. The method is based on the idea of sharing cryptographic keys and distributing them through various network channels. The article reviews and analyzes the existing instant messaging applications including WhatsApp, Viber, Telegram, Threema in terms of security of information exchange. It is concluded that all the systems are subject to a classic MITM-attack on the key information coming from the server side. For example, this is possible for the government agencies with access to the server. The article proposes a model of the information system which basically solves this problem by dividing the shared secret via several communication channels. The Infrastructure of the encryption keys is described in detail, including the algorithms for their distribution. We also consider cryptographic primitives, which we used. The article considers the protocols of the network interaction of subscribers in the information system. In addition, the article describes the development technology, as well as the development tools which were used. The article deals with the architecture of the information system in terms of its load capacity and its scalability.

Keywords: information security, cryptoprotocols, telecommunication security, MITM-attack, shared secret key, end-to-end encryption, instant messaging applications, fault tolerance, security network protocol

pp. 359–368

For citation:
Shniperov A. N., Chistyakov A. P. The Method and Information System for the Exchange of Confidential Information in Open Computer Networks, Programmnaya Ingeneria, 2017, vol. 8, no 8, pp. 359—368.

This work was supported by the Krasnoyarsk Regional Foundation for Support of Scientific and Technical Activity