PROTECTION OF AN ELECTRONIC DOCUMENT USING A CONSOLIDATED APPROACH TO THE APPLICATION OF ELECTRONIC DIGITAL SIGNATURE

Adaptive automatic control systems, Sep 2019

Modern information systems allow organizations to improve their efficiency, significantly reduce their costs and meet regulatory requirements. A good document management system is often regarded as all that is required, but additional protection measures are also needed to ensure that data is protected from unauthorized access and forgery.The purpose of this article is to modify the algorithms of cryptographic methods of protecting the integrity of a document using an electronic digital signature.Document management systems typically provide security and control access to documents in a controlled environment. However, when a document leaves a secure environment, it is easy to modify it. Unprotected documents do not allow to determine whether the document is authentic, who was the originator and the approver or has it been modified since its creation.The problem of keeping electronic documents from being copied, modified, and forgery requires specific approaches and methods of protection for its solution. One of the most common method of such protection in the world is an electronic digital signature (EDS), which confirms the authenticity, integrity its details and the fact of signing by a specific person of the document with the help of special software.Common encryption methods are based on factorization of large numbers (RSA, DSA, ElGamal) and discrete logarithmization (ECDSA, EdDSA, GOST R 34.10–2012).Each pair of keys consists of a private key and a public key. They are interdependent, but can be used separately. Usually, each pair of keys may belong to a specific key holder. The algorithm works in such a way that it is impossible for third parties to calculate the private key, even if they own the public key.Ref. 13, figure 6, table 3

Article PDF cannot be displayed. You can download it here:

https://asac.kpi.ua/article/download/178225/179218

PROTECTION OF AN ELECTRONIC DOCUMENT USING A CONSOLIDATED APPROACH TO THE APPLICATION OF ELECTRONIC DIGITAL SIGNATURE

Міжвідомчий науково-технічний збірник «Адаптивні системи автоматичного управління» № 1’ (34) 2019 UDC 004.056.55  Y. Kornaga, V. Garmatin, A. Hryshko, A. Maksimyuk, V. Gasanov PROTECTION OF AN ELECTRONIC DOCUMENT USING A CONSOLIDATED APPROACH TO THE APPLICATION OF ELECTRONIC DIGITAL SIGNATURE Abstract: The article deals with the use of electronic digital signature based on software models of cryptographic methods for protecting the document integrity. The most appropriate in terms of protection software tools for working with electronic digital signature were analyzed. There was defined advantages and disadvantages of the algorithms. An algorithm for initiating and authenticating a user that uses an electronic digital signature was proposed. Keywords: network infrastructure, document, electronic document, electronic digital signature, authentication, verification, EdDSA, SHA-512, Argon2. Introduction The Internet is an integral part of our everyday life, and therefore a guarantee of a high level of security is one of the priorities in the development of information technology. Currently, users and the Internet infrastructure, such as routers, servers and services, are targets of various kinds of malicious attacks, such as denial of service attacks, hacks, phishing attacks and unwanted e-mail (spam) - especially dangerous - and ensuring sufficient protection indicator involves the effective use of the Internet. The reason of the vulnerability of the Internet to various attacks lies in its initial creation goals, in which it was assumed that the network would be used in a completely different way than today. Initially, the Internet was developed to be used by relatively few friendly parties. At present, the situation is quite different: a large number of different users are using the Internet, and almost all attacks against it occur from within the network. Protecting the Internet from attacks is quite a difficult task, since there is no effective security measure that can cover all types of attacks. You can protect yourself as much as possible against direct attacks from the network using HTTPS (TLS1.2 + trusted certificate), but you should be afraid of various attacks based on social engineering. Unfortunately, only awareness and attentiveness of users can save him from this type of attack. Problem statement and current developments Traffic verification and integrity check can be provided for comprehensive security solutions. One of the main problems is the low efficiency: if the network infrastructure compromised and cannot deliver packets. This requires a clear need for new solutions. If traffic can be verified in the network infrastructure, control measures can be taken on the network. This will allow you quickly and effectively stop the attack and keep your data safe. Document management systems typically provide security and control access to documents in a controlled environment. However, when a document leaves a secure environment, it is easy to modify it. Unprotected documents do not allow   Y. Kornaga, V. Garmatin, A. Hryshko, A. Maksimyuk, V. Gasanov ISSN 1560-8956 23 Міжвідомчий науково-технічний збірник «Адаптивні системи автоматичного управління» № 1’ (34) 2019 to determine whether the document is authentic, who was the originator and the approver or has it been modified since its creation. The problem of keeping electronic documents from being copied, modified, and forgery requires specific approaches and methods of protection for its solution. One of the most common method of such protection in the world is an electronic digital signature (EDS), which confirms the authenticity, integrity its details and the fact of signing by a specific person of the document with the help of special software. Dependence on digital signatures alone is a matter of concern, since a pair of keys can be obtained by another person or organization using one method or another. This can be resolved by verifying by certification center. The certification center is a trusted third party (for example, a bank) that will ascertain the identity of the person or company. For example, it can be done by checking passports or driver's license details, as well as corporate documents. Then certificate center will issue a digital certificate signed with its own digital signature, which will be attach to user’s digital signature as an identity card. Certification center is a trusted third party that provides information about the identity of the key holder in the form of an authenticated key certificate [2]. All electronic certificates are digitally signed by a certification authority with a private key. If the certification authority supports strong private key protection, it is almost impossible to forge an electronic certificate. The certificate can be distributed in several ways. The certificate can be “handed over” to the owner of the signature. Then the owner can distribute the certificate anywhere he decides. This approach is preferable to publishing a certificate on a website. Modern information systems allow organizations to improve their efficiency, significantly reduce their costs and meet regulatory requirements. A good document management system is often regarded as all that is required, but additional protection measures are also needed to ensure that data is protected from unauthorized access and forgery. The purpose of this article is to modify the algorithms of cryptographic methods of protecting the integrity of a document using an electronic digital signature. Use of electronic signatures creates significant problems in relation to the individual. The use of paper tools for creating and maintaining records often includes handwritten signatures, and verification tools such as seal are the predominant approach of performing official actions. Typical examples of paper rules are formal legal requirements in favor of paper documents and handwritten signatures or archiving rules that require storing valuable information on paper. These rules can be found in various national, international and supranational legal frameworks. Traditionally, a handwritten signature is a sufficient means of authentication. By signing a paper document, the manufacturer “identifies” itself as the author of the document and confirms the “integrity” of the document. The signing procedure serves as a warning, and also confirms the fact that the information has been finalized and was 24 ISSN 1560-8956 Міжвідомчий науково-технічний збірник «Адаптивні системи автоматичного управління» № 1’ (34) 2019 not changes since signing. Distinguishing marks can be encoded in the information itself to identify the source and authenticate the content. Many forms of digital authentication are currently used, such as using a password, such as a PIN code, using encryption methods such as digital signatures, and using biometric identification, such as fingerprints, face, retina and voice recognition. Basic (...truncated)


This is a preview of a remote PDF: https://asac.kpi.ua/article/download/178225/179218
Article home page: https://asac.kpi.ua/article/view/178225/179218

Kornaga Yaroslav, Garmatin Vyacheslav, Alona Hryshko, Alona Maksimyuk, Vadym Gasanov. PROTECTION OF AN ELECTRONIC DOCUMENT USING A CONSOLIDATED APPROACH TO THE APPLICATION OF ELECTRONIC DIGITAL SIGNATURE, Adaptive automatic control systems, 2019, pp. 23-31,