Purpose. This software module can be further integrated into websites, mobile and software applications, as well as into information and communication systems and networks that store, process and transmit personal user data.
Technical properties. The cryptographic module relates to the field of information security and can be used in modern information and communication systems and networks to ensure the integrity and confidentiality of information.
Advantages. Today, a known method for generating and verifying an electronic digital signature is based on the standard DSTU 4145-2002, “Information technology. Cryptographic information protection. Digital signature based on elliptic curves. Generation and verification.” The disadvantage of this method is that the original message cannot be restored from the digital signature. As a result, this approach to generating and verifying an electronic digital signature provides only one security service, namely integrity. The technical result obtained when creating the utility model is that it ensures the integrity and confidentiality of information together with restoration of the information message. The problem is solved by calculating the masking function using a hash token and finding a hash digest, which is a component attached to the transmitted part of the message, thus masking it.
Description. This cryptographic module uses a new approach to generating and verifying an electronic digital signature, which adds another security service, confidentiality, and a procedure for restoring the information message. This means that a document signed with an electronic digital signature is not transmitted over an open communication channel but is an integral part of the signature, and the subscriber verifying it gains access to the message only if authorship and integrity are confirmed. Note that, unlike the usual DSTU 4145-2002 standard, the proposed utility model does not translate parameters into a binary string but transforms them into octets. When working with an electronic digital signature with message restoration in the proposed utility model, it is advisable to use lossiness. In this case, only the first 64 bits of the received digest are used for full message recovery, and the first 136 bits for partial recovery. Providing the message recovery function adds a confidentiality service, reduces the volume of the electronic digital signature, and increases cryptographic strength.
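
The general shape of a signature with full message recovery, as an added example that is not the module's code and not the DSTU 4145-2002 algorithm, which this page does not specify: a Schnorr-type construction (similar in structure to Pintsov-Vanstone signatures) in Python. The curve (secp256k1), SHA-256, the SHAKE-256 masking function and all function names are assumptions; only the 64-bit hash token size comes from the text above.

```python
import hashlib, hmac, secrets
# Stand-in group: secp256k1 (assumption; DSTU 4145 uses binary-field curves)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
TOKEN_LEN = 8  # 64-bit hash token, the full-recovery size given in the text

def add(A, B):  # affine addition; None is the point at infinity
    if A is None or B is None:
        return A or B
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if A == B:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, A):  # double-and-add, not constant time (illustration only)
    R = None
    while k:
        if k & 1:
            R = add(R, A)
        A, k = add(A, A), k >> 1
    return R

def _mask(R, n):  # masking function keyed by the ephemeral point
    return hashlib.shake_256(R[0].to_bytes(32, "big")).digest(n)

def _h(r):  # hash of the masked data, reduced to a scalar
    return int.from_bytes(hashlib.sha256(r).digest(), "big") % N

def sign(priv, msg):
    d = hashlib.sha256(msg).digest()[:TOKEN_LEN] + msg  # hash token || message
    k = secrets.randbelow(N - 1) + 1                    # fresh ephemeral key
    r = bytes(a ^ b for a, b in zip(d, _mask(mul(k, G), len(d))))
    return r, (k - priv * _h(r)) % N                    # message travels only inside r

def recover(pub, sig):  # returns the message, or None if the signature is invalid
    r, s = sig
    R = add(mul(s % N, G), mul(_h(r), pub))             # equals k*G for a valid signature
    if R is None or len(r) < TOKEN_LEN:
        return None
    d = bytes(a ^ b for a, b in zip(r, _mask(R, len(r))))
    token, msg = d[:TOKEN_LEN], d[TOKEN_LEN:]
    return msg if hmac.compare_digest(token, hashlib.sha256(msg).digest()[:TOKEN_LEN]) else None
```

The signature is only 8 bytes of token plus one scalar longer than the message itself. recover() takes only the public key, so in this construction anyone who holds that key can unmask the message.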