CC BY
11TECHNICAL SCIENCES
POLYMORPHiC ENCRYPTiON AND DECRYPTiON ALGORITHMS
Salmanov V.
Associate Professor, Nakhchivan Teachers' Institute Republic of Azerbaijan, Nakhchivan AR, DOI: 10.5281/zenodo.6973815
ABSTRACT
Based on the analysis, an algorithm for improving the development of automated distance learning systems is considered. The algorithm, designed to be integrated into existing educational systems, has been designed to be supported during use outside of robust computing systems.
When preparing software based on the proposed algorithm, new data encryption technologies can be used. This completely eliminates the need for hardware.
Keywords: information, distance learning systems, virtual register, encryption, decryption.
The problem of protecting information by converting it so that it cannot be read by outsiders has worried people since ancient times. Illegal software tampering has always been a big problem for software developers.
Cryptology deals with the problem of protection of information through its transformation. Cryptology is divided into two directions - cryptography and crypta-nalysis. In automated systems, the information protection by cryptographic methods can be applied both for the protection of information processed in EC (Electronic Computers) or stored in various types of memory devices, and also for the closure of information transmitted through communication lines between the different element systems. Cryptographic transformations have a centuries-old history as a method of warning against unauthorized access to information. Currently, a large number of different encryption methods and the theoretical and practical basis of their application have been created.
Web technologies are used to develop and deliver training courses, lead
to the development of a new model, learning paradigm [3].
The emergence of new powerful computers, network technologies, and neural computing has led to the decline of cryptographic systems, which until recently were practically unbreakable.
The computer industry also includes the ever-evolving software viruses that plague the entire world. Hackers are constantly trying to break into various networks and systems, forcing the creation of stronger defenses. These are the part of the damage done to software developers. A lot of financial resources are spent on fighting the viruses. The main victory in this field has not been won yet. This is not surprising, as the computer industry is in the stage of development. In addition, this part of the market is a source of high income. An example of this is the Microsoft company, which has grown from a small group of developers to a huge enterprise with high profits in a few years. So, if there is a high income, then there are those who wish to obtain a part of it illegally.
When realizing a security threat, an attacker can use various vulnerabilities, including an insufficient
level of protection, imperfection of system and application software, as well as protocols for network interaction of an information system [4].
Thus, the information protection is one of the most important problems in the development of information technologies.
Problems related to information protection are multifaceted. Protection of information in limited access systems is discussed in the research work. The research object is distance education systems. These systems are the best example of software running in limited access mode. Most distance education systems work in this mode. Restricted access means that the user can perform any activity with the program without outside control.
Today, many experts in the field of education hope to improve the quality of teaching on a mass scale with modern personal computers. Mainly, the time of organizing individual work and external control [1, 2, 5]. However, many problems arise during the implementation of this issue. One of these problems is that there is no systematic, unifying beginning in the creation of automated distance learning systems (ADLS). As a result, all ADLSs are unique, interrupted, and do not overlap with any parameters. From here comes the repetition of the preparation of electronic textbooks, their always high prices without a quality guarantee, difficulties in organizing external control, poor integration of traditional textbooks with computer textbooks, and others. All these difficulties constitute a gap in the computerization of education. Without filling this gap, it will be difficult to hope for the successful implementation of programs for the development of a unified educational information environment.
The most important problem in the field of organizing independent work, especially in external computer control, is weak protection against "hacking" of educational software for the purpose of accessing correct answers and falsifying control results [6, 7, 8]. This problem arises from the fact that modern control systems are mainly based on the anthromorphic principle. The essence of this principle is that during the automation of teaching, the computer's memory is used to store the answers together with the tasks. Usually they are encrypted, but practice shows that they can always be deciphered.
There is also the problem of protecting the educational software code from being modified to change the test scoring algorithm or other code. All this creates difficulties when conducting control in distance education systems. During remote monitoring, no one can guarantee that monitoring programs have not been "hacked" in the process of monitoring. In this regard, the exam is possible only when the teacher goes to the distance learner. In this case, objectivity is not guaranteed. Recently, a new form of the exam called "distributed" has appeared. This approach is intended for part-time students. In this case, only questions are sent to distance learning students. Students answer them and send the results to the distance learning center. Such a form ensures the objectivity of the exam, but it is not very popular. Because students want to know their results immediately after the exam. In this form, the results are known after a few days.
Thus, the study of the methods of creating defense systems of distance education programs is of great practical importance. The purpose of the research work is the analysis of information protection methods without the use of auxiliary hardware and the creation of an integrated package of software modules operating in a limited mode outside of a reliable computing environment.
In order to achieve the set goal, the following issues are raised in the scientific-research work with the issue of ADLS:
1. Allocation of key objects to be protected.
2. Development of defense methods against massive attempts to modify the code of ADLS outside the trusted computing environment.
3. Development of data protection methods in educational systems and knowledge testing outside the trusted computing environment.
4. Conducting the analysis of the prepared methods and proposing the possibilities of their application methods.
The following points can be attributed to the advantages of applying the polymorphic algorithm of encryption for ADLS - similar systems:
• poor visibility of the principle of establishing a defense system;
• the difficulty of creating universal tools for reviewing the defense system;
• easy implementation of asymmetric encryption system;
• the possibility of easy, quick adaptation and complication of such a system;
• the possibility of expanding the virtual machine in order to hide part of the code.
Polymorphic encryption and decryption algorithms are always created in pairs, their production mechanism is similar, and they are implemented with one code. The only difference is the use of blocks that perform inverse transformations. Let's consider how an encryption/decryption algorithm is generally described. The out-of-the-box encryption/decryption algorithm is supposed to be fast. First, we can consider a virtual machine that demonstrates the operation of the encryption/decryption algorithms. Then we can directly consider the polymorphic code construction algorithm and calculate the probability of generating identical algorithms and ways to increase the complexity of polymorphic algorithms.
Let us outline the generated encryption/decryption algorithms. They consist of eight functional blocks, some of which are repeatable. Figure 1 shows the block diagram of the operation of the encryption/decryption algorithm. Repeated blocks are marked with a background color. The number of such blocks is randomly selected during the generation of each pair of new algorithms.
^Starting
Enter the address of the block of data to be encrypted decrypted into the R1 register/variable
1
Entering the size of the data block into the R2 register variable
2
To enter the constant involved in the conversion into the R3 register/variable
3
4
5
_i_
R2 =R2 - 1
The command that concludes the work of the algorithm
Figure 1. Abstract scheme of operation of encryption/decryption algorithm
8
Note that the virtual machine uses a virtual register and memory in its work. The initial content of the virtual memory and the generated algorithm itself are stored in the file. For example, it is written in virtual memory how many bytes should be decoded. Some of the memory's virtual registers and virtual slots hold garbage and are unused or used in empty blocks. Empty blocks are not functional and their writing is omitted. In the schematic, the registers/slots of the arbitrary memory are denoted by the numeral R. A polymorphic generator randomly selects which register or slot of memory will work in each particular encryption/decryption algorithm. Let's take a closer look at each functional block.
1st block enters the address of the block of data to be encrypted/decrypted into a virtual register or variable (let's denote it by R1). For a virtual machine, this address is always zero. The fact is that whenever a virtual instruction to modify data is executed, the virtual machine adds the actual address in memory to this address and performs an operation with it. R1 can be thought of as an index into a zero-addressable encrypted/decrypted array of data. 2nd block stores the size of the data block in a virtual register or variable (let's denote it by R2). R2 acts as a counter during the data conversion cycle. Note that its size is always 4 times smaller than the actual size of the encrypted/decrypted data. This is due to the fact that polymorphic algorithms always work with a block of data that is divisible by 4 bytes. Conversion operations are performed on blocks divided by 4 bytes. Data equalization per 4 bytes will be left to high-level mechanisms using virtual machine and data encryption/decryption algorithms. The question arises as to how the algorithm "knows" what size block to encrypt, because it does not have such information. He simply takes the necessary price from the memory slot. The virtual machine only knows about this memory slot and writes the appropriate value there before the polymorph algorithm is executed. 3rd block places the constant involved in the conversion into a virtual register or variable (let's denote it by R3). This constant may not be used for later data conversion, it all depends on what code is being generated. Block 3 can be repeated several times. A whole set of different transformations is performed on the data, each of which involves different registers/variables initialized in 3rd block. 4th block can be called the main one. He, or rather, such a set of blocks encrypts/decrypts data. The number of such blocks is random and is equal to the number of blocks number 3. It is not necessary to use the price from R3 at the time of conversion. For example, instead of R3, a constant or a value from a calculator can be used. 5th block is for increasing R1 by one unit. In all other blocks, this operation can be performed differently, that is, using different elementary instructions of the virtual machine. 6 th block makes up the cycle. It decrements the value of R2 by one unit, and if the result is not equal to zero, then the virtual machine proceeds to the execution of the fourth block. 7th block checks the time limit of the algorithm usage. The timeout check code refers to empty commands and can have multiple entries and executions in the code. Just because it belongs to empty blocks of code doesn't mean it doesn't carry functional overhead. It will indeed check the constraint, but it can
be placed arbitrarily in the free spaces between function blocks, just like other free blocks. This block may theoretically not appear among the empty blocks, but at least it needs to be executed once. That is why it is shown as one of the functional blocks. 8th block concludes the work of the algorithm.
In the case of automated distance education, analysis of existing approaches to the organization of data protection in limited access systems has been performed. It was noted that there are many protected educational systems operating on the Internet, but there are practically no protection packages for local use. This is due to the fact that the protected ADLS construction methods are not fully developed. Based on the analysis, an algorithm that allows to increase the protection of ADLS is proposed. A block diagram intended for integration into existing educational systems has been developed for protection when used outside reliable computing systems. As a result, the need to use hardware is completely eliminated.
References
1. Aunapu T.F., Veronskaja M.V. Avtomatizacija obuchenija s pozicij sistemnogo analiza // Upravlenie kachestvom vysshego obrazovanija v uslovijah mnogourovnevoj podgotovki specialistov i vnedrenija obrazovatel'nyh standartov: Tez. dokladov respublikanskoj nauchno-metodicheskoj konferencii.
— Barnaul: Alt. gos. tehn. un-t, 1996. — p. 5 — 6. d
2. Brusencov N.P., Maslov S.P., Ramil' Al'vares H. Mikrokomp'juternaja sistema «Nastavnik». — M.: Nauka, 1990. — 224 p.
3. Ibragimova M.S. Primenenie informacionnyh tehnologij v uslovijah distancionnoj formy obuchenija. Mir nauki, kul'tury, obrazovanija. № 6 (73) 2018. - p. 357-358.
4. Hlystova D.A., Popov K.G. K voprosu o mod-elirovanii ugroz personal'nym dannym pol'zovatelej v sistemah distancionnogo obuchenija obrazovatel'nyh organizacij // Mezhdunarodnyj tudencheskij nauchnyj vestnik. 2016. № 3-1. p. 96-97.
5. Kondratova O.A. Psihologicheskie trebovan-ija k proektirovaniju komp'juternyh uchebnyh sredstv i sistem obuchenija // Problemy gumanizacii i novye metody obuchenija v sisteme inzhenernogo obrazovanija: Tez. dokl. mezhvuzovskoj nauchno-prakticheskoj konferencii. — Novokuzneck: Sib. Gos. gorno-metal-lurgicheskaja akademija, 1995. — p. 78 — 80.
6. Kruchinin V.V., Sitnikova E.A. Problema zashhity komp'juternyh jekzamenacionnyh programm v TMC DO // Sovremennoe obrazovanie: massovost' i kachestvo. Tez. dokl. regional'noj nauchno-metodicheskoj konferencii. — Tomsk: TUSUR, 2001.
— p. 144.
7. Shevelev M.Ju. Avtomatizirovannyj vneshnij kontrol' samostojatel'noj raboty studentov v sisteme distancionnogo obrazovanija /U Distancionno obra-zovanie. Sostojanie, problemy, perspektivy. Tez. dokl. nauchno-metodicheskoj konferencii. — Tomsk: TUSUR, 1997. — p. 49.
8. Shevelev M.Ju. Programmno-apparatnaja sistema kontrolja i zashhity informacii // Sovremennoe obrazovanie: massovost' i kachestvo. Tez. dokl. nauchno-metodicheskoj konferencii 1-2 fevralja 2001 y. — Tomsk: TUSUR, 2001.—p. 99—100.
