Безопасность информационных технологий (May 2018)
A secure mutual authentication procedure, generate the key fiscal basis, and fiscal data protection
Abstract
The paper describes cryptographic transformation for mutual authentication and creation of the fiscal sign key. This transformation based on using block encryption cipher named «Kuznetchik», described in the national standard of the Russian Federation GOST R 34.12-2015 and realized in gamma generation mode as it is described in the another national standard of the Russian Federation GOST R 34.13-2015. The function of the integrity protection (authentication code) is defined by the recommendation for standardization R 50.1.113–2016. The solution proposed in this paper is aimed for an authentication and integrity control of fiscal data transmitted through communication channels between fiscal storage devices and fiscal data operators, as well as between the fiscal data operators and the authorized agency. Formats of transmitted fiscal data, methods of transmission and mechanisms to ensure the confidentiality of transmitted fiscal data determined by the authorized agency of the Federal Executive power. The article gives a short description of the protocol model, a formal analysis of passive attacks in the assumption that the cryptographic properties of the protocol depends on the feature of cryptographic transformations used, which are standardized solutions regulated by national standards, or national recommendations for standardization. Since the cryptographic transformations could not be compromised by the intruder we can conclude that the intruder also can not compromise the fiscal signs protection protocol.
Keywords
