Персона: Запечников, Сергей Владимирович
Загружается...
Email Address
Birth Date
Научные группы
Организационные подразделения
Организационная единица
Институт интеллектуальных кибернетических систем
Цель ИИКС и стратегия развития - это подготовка кадров, способных противостоять современным угрозам и вызовам, обладающих знаниями и компетенциями в области кибернетики, информационной и финансовой безопасности для решения задач разработки базового программного обеспечения, повышения защищенности критически важных информационных систем и противодействия отмыванию денег, полученных преступным путем, и финансированию терроризма.
Статус
Фамилия
Запечников
Имя
Сергей Владимирович
Имя
9 results
Результаты поиска
Теперь показываю 1 - 9 из 9
- ПубликацияТолько метаданныеProtocols for Secure Management of Multidimensional Data Arrays(2019) Gorlatykh, A.; Zapechnikov, S.; Запечников, Сергей ВладимировичPopular technologies such as data mining and online analytical processing are widely known as technologies heavy-based on the usage of multidimensional data structures. However, at the same time, development of the security countermeasures leaves much to be desired. Currently, there is no complex multidimensional data processing system capable to ensure proper security levels exist. In the paper, we propose security protocols which formed the basis of our solution aimed to provide security for multidimensional data storage and processing. We describe basic protocols for data read and write operations adopted for the features of multidimensional data structures and security assumptions.
- ПубликацияТолько метаданныеPrоtоcоls fоr secure management оf multidimensiоnal data arrays(2019) Gorlatykh, A.; Zapechnikov, S.; Запечников, Сергей Владимирович© 2019 IEEE Pоpular technоlоgies such as data mining and online analytical prоcessing are widely knоwn as technоlоgies heavy-based оn the usage оf multidimensiоnal data structures. Hоwever, at the same time, develоpment оf the security cоuntermeasures leaves much tо be desired. Currently, there is nо cоmplex multidimensiоnal data prоcessing system capable tо ensure prоper security levels exist. In the paper, we prоpоse security prоtоcоls which fоrmed the basis оf оur sоlutiоn aimed tо prоvide security fоr multidimensiоnal data stоrage and prоcessing. We describe basic prоtоcоls fоr data read and write оperatiоns adоpted fоr the features оf multidimensiоnal data structures and security assumptiоns.
- ПубликацияТолько метаданныеPost-quantum security of communication and messaging protocols: Achievements, challenges and new perspectives(2019) Bobrysheva, J.; Zapechnikov, S.; Запечников, Сергей Владимирович© 2019 IEEE Widely used communication and messaging protocols, e.g., TLS 1.3 and Signal, are insecure against an adversary with a quantum computer. We expect that post-quantum security will become mandatory for a new generation of cryptographic protocols in the nearest 10-15 years. The analysis of existing post-quantum secure cryptographic tools for key exchange, encryption and message authentication based on hard problems in codes, lattices, ring learning with errors and elliptic curve isogenies revealed their advantages and drawbacks. In particular, we conclude, that the main threat to communication and messaging protocols is only pre-quantum security of currently used Diffie-Hellman key exchange protocols. We summarize efficiency and safety results for each class of post-quantum cryptographic schemes and present an experimental implementation of isogeny-based Diffie-Hellman-like key exchange protocol as an illustration of their applicability.
- ПубликацияТолько метаданныеOrder-preserving Encryption as a Tool for Privacy-Preserving Machine Learning(2020) Lisin, N.; Zapechnikov, S.; Запечников, Сергей Владимирович© 2020 IEEE.An order-preserving encryption is an encryption scheme based on strictly increasing functions. It allows mapping a set of plaintext into a set of ciphertexts with the order relation specified on a set of plaintexts. Thus, data comparisons and search for the minimum or maximum elements become possible without decrypting data. This type of encryption is mainly used to protect cloud databases in the case when it is necessary to make queries to them. However, it is almost not used in privacy-preserving data mining and machine learning. Nevertheless, it is possible to use this type of encryption in privacy-preserving machine learning, but only for certain algorithms. In this paper, we consider some existing order-preserving encryption schemes and suggest some cases of machine learning, where they can be applied to obtain correctly working privacy-preserving machine learning algorithms. An explanation is also given how and why it is possible to apply order-preserving encryption to these algorithms.
- ПубликацияТолько метаданныеPost-Quantum Security of Messaging Protocols: Analysis of Double Ratcheting Algorithm(2020) Bobrysheva, J.; Zapechnikov, S.; Запечников, Сергей Владимирович© 2020 IEEE.Development in the area of quantum technologies led to the appearance of first quantum computers. The threat of using a quantum computer for cryptanalysis requires wide implementing post-quantum security in computing algorithms and communication protocols. We evaluate the computational power of some existing quantum computers to illustrate the relevance of research in post-quantum security. One of the best ways to test post-quantum protocols is to embed them into some non-critical but widely-used sphere. Secure messaging is an excellent example of such an application. In the paper, we analyze the post-quantum security of well-known messaging specification Signal, which is considered to have high-security properties. The core of Signal specification is the Double Ratchet protocol. We notice and explain why it is not a post-quantum secure scheme. After that, we suggest some possible ways to improve the security features of Signal specification.
- ПубликацияТолько метаданныеMethods and Algorithms for Detecting Compromise of Secret Keys(2020) Kuzmicheva, S.; Kiryakina, M.; Zapechnikov, S.; Запечников, Сергей Владимирович© 2020, Springer Nature Switzerland AG.It is not uncommon for a single user to use multiple devices to access applications, such as messengers. The legitimacy of using client devices and access rights should be monitored to ensure the necessary level of information security. In the paper authors analyze and discuss some approaches to detect unauthorized usage of cryptographic keys. The first approach is known as trace-independent inconsistency, the second approach is an observation of contradiction, the third approach called an observation of acausality. All three approaches are based on the additional dedicated audit service to the application under protection. The main result of our investigation is the technique for applying these principles to the secure communication and messaging protocols. In the paper authors suggest a cryptographically protocol for detecting compromise of secret keys based on blockchain technology.
- ПубликацияТолько метаданныеMethods and Approaches for Privacy-Preserving Machine Learning(2020) Lisin, N.; Zapechnikov, S.; Запечников, Сергей Владимирович© 2020, Springer Nature Switzerland AG.One of the main problems of machine learning is the need for a large amount of memory and a long learning time. To solve this problem, many companies prefer to store their data and training models on remote servers. However, not all data and models can be stored in the plaintext without any protection. In many areas (for example, banking or medical), the privacy of data and models is very important. To ensure confidentiality, a privacy-preserving machine learning application is a good solution. This article discusses two main approaches to privacy-preserving machine learning (cryptographic and perturbation), describes methods for ensuring privacy, which they include, and provides examples of using of some methods in practice.
- ПубликацияТолько метаданныеA Technique of Protocol Construction for Detecting Compromises of Secret Keys(2020) Kiryakina, M.; Kuzmicheva, S.; Zapechnikov, S.; Запечников, Сергей Владимирович© 2020 IEEE.Currently a single user often utilizes multiple devices to get access to applications, for example, messengers. A way to provide the necessary level of information security is monitoring the legitimacy of using client devices according to a set of access rights. In this paper, we suggest a cryptographic protocol for detecting compromises of secret keys based on blockchain technology. In contrast with currently available solutions, the blockchain-based protocol allows controlling usage of all long-term cryptographic keys, as well as every key in a chain of short-term keys. Besides that, an additional audit service can be used for monitoring secure messaging protocols. Moreover, the protocol includes an authentication service for users. All these techniques make the idea of blockchain-based protocol promising.
- ПубликацияТолько метаданныеThe Relevance of Using Post-quantum Cryptography on the Isogenies of Elliptic Curves for Mobile Application Protection(2020) Bobrysheva, J.; Zapechnikov, S.; Запечников, Сергей Владимирович© 2020, Springer Nature Switzerland AG.The article is a brief overview of the relevance of using cryptographic protocols on isogenies of elliptic curves in mobile applications. The article briefly describes the current situation in the field of cryptography that has arisen in connection with the development of a new generation of computer technology, namely, quantum computers. The article describes the stages of standardization of post-quantum cryptography in accordance with the NIST competition. The article contains a comparison of post-quantum algorithms in terms of cryptographic stability and speed, defines of advantages and disadvantages of protocols on isogenies of elliptic curves, and results of studies on the implementation of the protocols on isogenies of elliptic curves on mobile platforms. The main goal of the article is to consider the possibility of using protocols on the isogeny of elliptic curves for practical purposes to protect confidential information in mobile systems and applications.