Elliptic Curve Pseudorandom Bit Generator with Maximum Period Sequences

Pseudo-random number generator is an important mechanism for cryptographic information protection. It can be used independently to generate special data or as the most important element of security of other mechanisms for cryptographic information protection. The application of transformations in a group of points of elliptic and hypereliptic curves is an important direction for the designing of cryptographically stable pseudo-random sequences generators. This approach allows us to build the resistant cryptographic algorithms in which the problem of finding a private key is associated with solving the discrete logarithm problem. This paper proposes a method for generating pseudo-random sequences of the maximum period using transformations on the elliptic curves. The maximum sequence period is provided by the use of recurrent transformations with the sequential formation of the elements of the point group of the elliptic curve. In this case, the problem of finding a private key is reduced to solving a theoretically complex discrete logarithm problem. The article also describes the block diagram of the device for generating pseudo-random sequences and the scheme for generating internal states of the generator.

PROBABLE APPROACH TO SAFETY ASSESSMENT INFORMATION FROM THREATS

It is well known that the main goal of information protection is to ensure a given level of its security. The specified level of information security is characterized by the state of its protection from threats, which provides an acceptable risk of its destruction, alteration, theft, and blocking. Risks depend on the level of engineering and technical protection of information (ITZI), which is determined by the resources of the system. The more resource for information protection, the higher the level of security. With an unlimited resource, you can get an arbitrarily small probability of a threat being realized.

Modern technologies of protection and processing of confidential documentary information in organizations and institutions of different forms of ownership

The purpose of the article is to establish the features and types of modern documentary information thathas intellectual value; finding out the principles on which to build a secure document flow; characteristics ofthe main technological stages and procedures for the implementation of confidential documents; identifyingthreats that may arise during this process. The methodology consisted of a set of general scientific, specialscientific and specific methods of studying the problem, the application of which allows to achieve the goal.Scientific intelligence was based on the principles of objectivity and integrity. The use of a set of scientificmethods made it possible to study the specifics of valuable documentary information, to find out the mainchannels of information leakage, to trace the stages of document circulation of such business papers. Scientificnovelty. The latest international practices of working with confidential documents are studied. Featuresand types of documentary information that has intellectual value for the entrepreneur are established. Theprinciples on which it is necessary to build a secure document flow are formulated. The main technologicalstages and procedures of execution of confidential documents are outlined. The main threats that may ariseduring this process have been identified. Conclusions. Confidential information allows any company to operatesuccessfully due to the security of information. The importance of such information determines the risk of itsloss. In order to avoid inconveniences related to the loss or theft of information, the institutions should createappropriate services, whose representatives monitor confidential information, document circulation, createdatabases for computers and files for paper media, destroy drafts of confidential documents, store and destroydocuments that are valuable in the prescribed manner.Keywords: execution of a confidential document, secrecy stamp, information protection, technologicalcomplexity, value of documentary information.

DIFFERENTIAL-GAME MODEL OF INFORMATION PROTECTION FOR COMPUTER SYSTEMS OF TRANSPORT INFRASTRUCTURE

The article considers the reliability and protection of information of computer systems of transport infrastructure and describes the synthesis and analysis of differential game models and methods of modeling cyberattack processes on the server of computer information and diagnostic systems of the railway power supply distance. A unified differential-game model of the cyberattack process on the multi-task server of the information-diagnostic computer system of the lower level of the railway has been developed, which allows to obtain optimal strategies for information protection in cyberattacks. The results of modeling the cyberattack process are presented, to assess the integrated indicators of server security, using the optimal strategies for each of the functions. The appearance of the unified model of the computer information system is shown, and the graphs of the transient processes of the probability of the server being in a protected state and the probability of server failure for any of the functionalities are given.

Modern problems of ensuring information security in the educational and pedagogical sphere

The article deals with the problems of information security and its provision in relation to society and its educational environment, processes and relations, subjects and objects. The necessity of forming the corresponding subject-information competence of subjects, personal culture of information security is shown.It is noted that the information security of educational subjects is a specific part of the general security of education as its qualitative development in the developing information society in accordance with its properties and requirements. The concept of information security in the field of education is formulated in the context of a general concept and in the aspect of its specificity in education, its educational and educational processes, as well as in the aspect of personal, psychological, age and other properties of subjects of education. This presupposes the presence of a corresponding purposefulness of general education, which also acquires the quality of informational education, and its expression in the content of education and subject-oriented educational training. In particular, this applies to the general education subject “Informatics” as the main resource of information education, in the process of forming the relevant knowledge, competencies and personal qualities.The necessity of mandatory inclusion of the relevant topics in the content of information education in the context of information security and information protection has been substantiated: the state and problems of information security, personal security; goals and objectives of information security; legal and other aspects of information protection, means of protecting electronic data in the field of education.

GENERAL TECHNOLOGY OF ENCRYPTION AND INTEGRATION OF DATA IN A PATTERN OF A PICTURE OF IMAGES THAT IS RESISTANT TO JPEG COMPRESSION

The object of the thesis is the use of steganographic methods for organizing a covert communication channel in a public channel, providing resistance to lossy compression. The aim of the thesis is to develop an algorithm for embedding data into bitmap images that is resistant to JPEG compression and attacks on the container. In this thesis, the features of the JPEG algorithm are investigated, steganographic methods of information protection are analyzed, and a steganographic algorithm is designed that is resistant to JPEG compression and attacks on the container. Additional security is provided by the polyalphabetic substitution cipher and user secret key used to encrypt the original message. The algorithm was developed using the Python 3 programming language, the NumPy, SciPy, MatPlotLib libraries and the Jupyter Lab package. The task was completed using standard mathematical and statistical methods and tools of the high-level programming language Python 3.