Volodymyr Sokolov

Anatoly Bessalov, Evgeniy Grubiyan, Volodymyr Sokolov et al.

An analysis is made of the properties and conditions for the existence of 3- and 5-isogenies of complete and quadratic supersingular Edwards curves. For the encapsulation of keys based on the SIDH algorithm, it is proposed to use isogeny of minimal odd degrees 3 and 5, which allows bypassing the problem of singular points of the 2nd and 4th orders, characteristic of 2-isogenies. A review of the main properties of the classes of complete, quadratic, and twisted Edwards curves over a simple field is given. Equations for the isogeny of odd degrees are reduced to a form adapted to curves in the form of Weierstrass. To do this, use the modified law of addition of curve points in the generalized Edwards form, which preserves the horizontal symmetry of the curve return points. Examples of the calculation of 3- and 5-isogenies of complete Edwards supersingular curves over small simple fields are given, and the properties of the isogeny composition for their calculation with large-order kernels are discussed. Equations are obtained for upper complexity estimates for computing isogeny of odd degrees 3 and 5 in the classes of complete and quadratic Edwards curves in projective coordinates; algorithms are constructed for calculating 3- and 5-isogenies of Edwards curves with complexity 6M + 4S and 12M + 5S, respectively. The conditions for the existence of supersingular complete and quadratic Edwards curves of order 4x3mx5n and 8x3mx5n are found. Some parameters of the cryptosystem are determined when implementing the SIDH algorithm at the level of quantum security of 128 bits.

Volodymyr Buriachok, Volodymyr Sokolov, Mahyar TajDini

Caller ID parodying produces the valid Caller character, in this manner deciding seem to start from another client. This apparently basic assault strategy has been utilized in the developing communication fake and trick calls, bringing about significant financial trouble. Unfortunately, callerID spoofing is easy to implement but yet it is difficult to have protection against it. In addition, there are not effective and defense solutions available right now. In this research it is suggested the CIVE (Callee Inference & VErification), a compelling and viable guard against Caller ID spoofing. This way it is described how it's possible to lunch call spoofing and between line describe how CIVE approach method can help to prevent somehow this kind of attacks. Caller ID Spoofing could cause huge financial and political issues special nowadays, when many things even sometimes authentication and verification are available by phone call, like banks approving transactions or two factor authentications and many other things. We believe critical industries specially banks and payment service providers should be protected against such vulnerabilities with their system and make an approach to prevent it, also it is very important to learn people specially who has special social place like politicians or celebrities to know such kind of attack are already exist. For this paper we implemented a call from white house to show there is no limitation and no matter whom you try to spoof, but destination which is the victim receive the call and that make this attack vector dangerous. And even modern communication and even devices like 4G and smart phones are not able to prevent or even detect this kind of attack. This study is a demonstration of the vulnerabilities available. All experiments were conducted on isolated mock-ups.

Davyd Kurbanmuradov, Volodymyr Sokolov, Volodymyr Astapenya

The problem of data security in IEEE 802.15.4 systems on Pololu Wixel devices is solved, examples of hardware and software implementation of encryption and decryption of different devices on the same platform are given. The proposed approaches can be used in the development, implementation and operation of wireless enterprise, industrial, and personal systems. Possible areas of development for this work are related to research on improving encryption algorithms (increasing key length, using asymmetric ciphers, etc.), comparing their performance, and implementing a complete data exchange protocol. During the work there were problems in the implementation of encryption algorithms on low-power processors. During the work, a number of issues were resolved regarding type reduction, addressing, memory space, buffer overflow, and more. Issues resolved with reconciliation of receiver and transmitter operation. Examples of hardware and software implementation of encryption and decryption of different devices based on Pololu Wixel are given in the paper. The basic task of building a secure communication channel by encrypting data in the channel was solved and firmware and application software were obtained to fully validate the devices. In addition, this work has great application potential, since the implementation of encryption in existing systems will have a small impact on implementation and will not affect the project budget, but will dramatically improve the security of data transmission in these networks. The proposed approaches can be used in the development, implementation and operation of wireless enterprise, industrial, and personal systems. Continuing this work may be to test the performance of other protocols on this and similar hardware for systems that may be embedded in short-range wireless communication projects of short-range standards.

Mahyar TajDini, Volodymyr Sokolov, Volodymyr Buriachok

The article presents a method of organizing men-in-the-middle attack and penetration test on Bluetooth Low Energy devices and ZigBee packets using software define radio with sniffing and spoofing packets, capture and analysis techniques on wireless waves with the focus on Bluetooth. The paper contains the analysis of the latest scientific work in this area, provides a comparative analysis of SDRs and the rationale for the choice of hardware, gives the sequence of actions for collecting wireless data packets and data collection from ZigBee and BLE devices, and analyzes ways to improve captured wireless packet analysis techniques. For the study collected experimental setup, the results of which are analyzed in real time. The collected wireless data packets are compared with those sent. The result of the experiment shows the weaknesses of local wireless networks.

Volodymyr Buriachok, Volodymyr Sokolov, Pavlo Skladannyi

The paper examines quantitative assessment of wireless distribution system security, as well as an assessment of risks from attacks and security violations. Furthermore, it describes typical security breach and formal attack models and five methods for assessing security. The proposed normalized method for assessing the degree of security assurance operates with at least three characteristics, which allows comparatively analyze heterogeneous information systems. The improved calculating formulas have been proposed for two security assessment methods, and the elements of functional-cost analysis have been applied to calculate the degree of security. To check the results of the analysis, the coefficient of concordance was calculated, which gives opportunity to determine the quality of expert assessment. The simultaneous use of several models to describe attacks and the effectiveness of countering them allows us to create a comprehensive approach to countering modern security threats to information networks at the commercial enterprises and critical infrastructure facilities.

Mahyar Taj Dini, Volodymyr Sokolov

The rapid development of "smart" devices leads to explosive growth of unprotected or partially protected home networks. These networks are easy prey for unauthorized access, the collection of personal information (including from surveillance cameras), interference in the operation of individual devices and the entire system as a whole. In addition, existing solutions for managing a smart house offer work in the cloud, which in turn reduces the availability of the system and simultaneously increases the risk of the unscrupulous use of personal information by the service provider (up to the sale of data to a third party). This article examines the existing access technologies, their weaknesses, and offers solutions to improve the overall security of the system with a local IoT gateway and virtual subnets.

Mahyar Taj Dini, Volodymyr Sokolov

This article discusses the available Software Defined Radios (SDRs), compatible software, message formats, and also shows how it is possible to do penetration tests using SDR for Bluetooth Low Energy (BLE) and ZigBee technologies.

Volodymyr Buriachok, Volodymyr Sokolov

The article introduces a new scheme of dynamic interference free channel allocation. The scheme is based on additional spectral analyzers in wireless networks IEEE 802.11. Design and implementation is presented.

Volodymyr Buriachok, Volodymyr Sokolov

This article attempts to create a software and hardware complex that can work autonomously and demonstrates the ease of implementation of attacks on denial of service on wireless networks, which in turn emphasizes the need to provide comprehensive protection of wireless networks.