CC BY
6INTERNATIONAL SCIENTIFIC AND TECHNICAL CONFERENCE "DIGITAL TECHNOLOGIES: PROBLEMS AND SOLUTIONS OF PRACTICAL IMPLEMENTATION IN THE SPHERES" APRIL 27-28, 2023
EMBEDDING DATA HASHING ALGORITHMS INTO A CRYPTOGRAPHIC
INFORMATION SECURITY TOOL Nurullaev Mirkhon Mukhammadovich1
1 Bukhara Engineering Technological Institute https://doi.org/10.5281/zenodo.7857609
Abstract. This paper presents the problem of embedding data hashing algorithms into a cryptographic data protection tool. The introduction of data hashing algorithms into a means of cryptographic protection of information is the process of integrating special software modules implementing hashing algorithms into a complex of technical and software tools that are means of cryptographic protection of information. The sequence of the process of the data hashing function with a parameter in the cryptographic data protection tool is schematically described.
Keywords: cryptographic information security tool, hashing algorithms, embedding data hashing algorithms, hash, information security.
A system of cryptographic protection of information, is a complex of technical and software tools that protect information from illegal access, copying or modification. One of the most important elements of cryptographic information protection is data hashing algorithms, which are used to generate a unique digital signature that allows you to verify the integrity and authenticity of data.
Data hashing is the process of converting data of arbitrary length into some fixed string of fixed length, which is called a hash value. The hash value is a unique identifier of the data and is used to verify the integrity of the data, as well as to ensure confidentiality and authentication [1].
The means of cryptographic protection of information are software and hardware complexes designed to protect information from unauthorized access and illegal use. They can be used to protect confidential information in various fields, including government organizations, banking, healthcare, etc [2].
When choosing a hashing algorithm for embedding in a cryptographic Information Security Tool, its security, performance and usability should be taken into account. However, when choosing an algorithm, its performance should also be taken into account, since more complex algorithms can slow down the system [3].
Embedding data hashing algorithms into a cryptographic Information security Tool is the process of integrating special software modules implementing hashing algorithms into a set of technical and software tools for cryptographic information protection. The purpose of such embedding is to provide a high degree of protection of information processed by a means of cryptographic protection of information from external threats [4].
Embedding data hashing algorithms into a cryptographic Information Security Tool can be implemented in several ways. For example, you can use a separate software module that implements a hashing algorithm that will be executed on a dedicated server or on the device itself, a means of cryptographic protection of information [5]. Another way is to embed the hashing algorithm into the kernel itself as a means of cryptographic protection of information, which allows you to speed up the hashing process and improve the overall performance of the system [6], [7].
Embedding data hashing algorithms into a cryptographic Information Security Tool is a necessary step to ensure a high degree of information protection from external threats. However,
INTERNATIONAL SCIENTIFIC AND TECHNICAL CONFERENCE "DIGITAL TECHNOLOGIES: PROBLEMS AND SOLUTIONS OF PRACTICAL IMPLEMENTATION IN THE SPHERES" APRIL 27-28, 2023
it is important to keep in mind that the security of a cryptographic information protection tool depends not only on the quality of hashing algorithms, but also on other factors such as system architecture, access control and much more [8].
The hashing function is designed to implement a unidirectional compressive mapping f from the set A to the set B, the input of which is a message of arbitrary length M, and the output is a string of fixed length h(M). The use of hashing transformation reduces the redundancy of the input text.
The hashing function is used in cryptographic methods of processing and protecting information, including for the implementation of electronic digital signature procedures for the transmission, processing and storage of information in automated systems [9].
The following are the basic requirements for the hashing function.
Basic requirements for a cryptographic hash function:
• a message of any length can be sent to the input of the function;
• a fixed-length message is received at the output of the function;
• The hash function is simply calculated for any message;
• hash function - unidirectional function;
• knowing the message M, it is almost impossible to find another message M' for which h(M) = h(M').
The proposed cryptographic information protection tool implements hashing algorithms in accordance with O'z DSt 1106:2009 [10].
The following figure shows the data hashing functions with the parameter (Figure 1.).
INTERNATIONAL SCIENTIFIC AND TECHNICAL CONFERENCE "DIGITAL TECHNOLOGIES: PROBLEMS AND SOLUTIONS OF PRACTICAL IMPLEMENTATION IN THE SPHERES" APRIL 27-28, 2023
I
Getting a provider from the 4ist- 1 4-1
Getting a hash from the list C hecking that existing PKCS#11 ___: ____ _ _ ___ii______
Hashing Completion Le ■
Getting the size of the hash 'un Getting session information i i
►- -±-: Getting session from the list
Completion of the digest
calculation procedure
Closes the session
Creation MUTEX
Blocking MUTEX
Getting session from the list
Checking procedure initialize tioi
Completion of the
hashina procedure
Unblocking MUTEX
Destroy resources MUTEX
Figure 1. Data hashing function with CPGetHashParam parameter In general, the embedding of hashing algorithms into a means of cryptographic protection of information is an important element of ensuring the security of information systems and is necessary to protect confidential information in various fields of activity.
REFERENCES
1. Shubhani Aggarwal, Neeraj Kumar. Cryptographic primitives used in blockchain // Advances in Computers, Elsevier, Volume 121, 2021, pp. 83-93, https://doi.org/10.1016/bs.adcom.2020.08.003.
2. Aloev R.D., Nurullaev M.M. Software, algorithms and methods of data encryption based on national standards // IIUM Engineering Journal 21 (1), pp. 142-166, 2020. doi: 10.31436/iiumej.v21i1.1179.
3. Mukhammadovich N. M., Djuraevich A. R. Working with cryptographic key information. // International Journal of Electrical and Computer Engineering. - 2023. - T. 13. - №. 1. - C. 911. doi: 10.11591/ijece.v13i1.pp911-919
INTERNATIONAL SCIENTIFIC AND TECHNICAL CONFERENCE "DIGITAL TECHNOLOGIES: PROBLEMS AND SOLUTIONS OF PRACTICAL IMPLEMENTATION IN THE SPHERES" APRIL 27-28, 2023
4. Aloev R.D., Nurullaev M.M. Development of the Software Cryptographic Service Provider on the Basis of National Standards // Journal of Systemics, Cybernetics and Informatics, 17 (1), pp. 260-272, 2019.
5. Нуруллаев М. М. Моделирование информационных процессов в интегрированных системах безопасности // Молодой ученый. - 2018. - №. 17. - С. 26-27.
6. Acosta, A. J., Addabbo, T., and Tena-Sánchez, E. (2017) Embedded electronic circuits for cryptography, hardware security and true random number generation: an overview. Int. J. Circ. Theor. Appl., 45: 145- 169. doi: 10.1002/cta.2296.
7. Aloev R.D., Nurullaev M.M. Cryptography Service Provider - Data Encryption // in Proc. Conference on Complexity, Informatics and Cybernetics, Orlando, Florida, USA, pp.127131, 2019.
8. Muhammadovich N. M. The need to implement cryptographic information protection tools in the operating system and existing solutions // Central asian journal of mathematical theory and computer sciences. - 2023. - Т. 4. - №. 3. - С. 1-4.
9. Nurullaev M.M. Random number generation to ensure information security on mobile phones // International Journal of Contemporary Scientific and Technical Research, 1(1) pp.12-16, 2022. doi: 10.5281/zenodo.7238632
10. O'z DSt 1106:2009 - Information technology. Cryptographic protection of information. Hash function. 2009.
