Purpose. The software module can be further integrated into websites, mobile and software applications, as well as into information and communication systems and networks that store, process and transmit personal user data.
Scope. The cryptographic protection module pertains to the field of information security and can be used in modern information and communication systems and networks to ensure the integrity and confidentiality of information.
Advantages. Currently, a method of homomorphic encryption and decryption of confidential information is known – the Gentry encryption system. The disadvantage of this method is that the same session key is used for encryption and decryption. As a result of using this approach to storing the session key, its reliable storage and transmission is not ensured. This session key is transmitted in an open form, which allows it to be intercepted with subsequent forgery and unauthorized access to the information system. The obtained technical result ensures the integrity and confidentiality of the session key and eliminates the possibility of its interception and unauthorized access. The problem is solved by calculating a pair of public and private keys according to the asymmetric RSA algorithm, performing an additional selection of parameters p and q (at least 1024 bits long) and encrypting the session key.
Description. This cryptographic module uses a new approach of additional encryption of the session key using the asymmetric RSA algorithm and transmitting it to the communication channel in encrypted form. This ensures the reliability of the algorithm, since in order to perform cryptanalysis and decrypt the key, an attacker will need to solve the problem of decomposing the parameter n into prime factors p and q, and with a successful selection of these parameters (at least 1024 bits), such a problem is almost impossible to solve in modern conditions. This cryptographic module is more reliable compared to the usual algorithm, since it does not allow an attacker to decrypt a message based on the public key transmitted via communication channels, since decryption of the session key is possible only with the help of the parameter d, which is not transmitted via the channel and can be protected by additional means. Also, the use of this module does not allow an attacker to effectively implement an attack on a known ciphertext, since for its successful implementation it will be necessary to obtain the parameter d.