Застосування комерційних криптографічних протоколів для вирішення військових завдань

DOI №______

  • Савченко В. (Savchenko V.) Державний університет телекомунікацій, Київ
  • Довбешко С. (Dovbeshko S.) Державний університет телекомунікацій, Київ
  • Мацько О. (Matsko O.) Національний університет оборони України імені Івана Черняховського


This article attempts to explore commercial encryption protocols for data transmitting within military applications. Nowadays the military means of secure communication and data transmitting cannot cover all informational requirements for combat applications because of organizational and physical security issues. At the same time the problem of secure communication on the front line grows day by day. The common idea of secure commercial-of-the-shelf protocols (PPTP, IPSec, SSL, TLS, SSH, HTTPS, PGP, DNSSEC, SMIME) usage within military domains is not new but for this moment it doesn‟t have any real detailed description because of vulnerabilities of these protocols. The original idea highlighted in this paper is in double-layered point-to-point commercial encryption system based on the most reliable open-source protocols in Virtual Private Networks (VPN) architecture.

Keywords: Commercial-of-the-Shelf; Encryption; Virtual Private Network.

1. Keller, J. Military crypto modernization leads to applications like smartphones, tablet computers on the battlefield [on line]. Military & Aerospace Electronics, November 28, 2011. [cited 2016-04-16]. Available from: <http://www.militaryaerospace.com/articles/2011 /11/military-crypto-modernization.html>.
2. Ponemon 2014 SSH Security Vulnerability Report [on line]. Venafi, Inc. Ponemon Institute, 2014. [cited 2016-04-16]. Available from: <https://www.venafi.com/ assets/pdf/Ponemon_2014_SSH_Security_Vulnerability_Report.pdf./>.
3. Introduction to PPTP - Point-to-Point Tunneling Protocol [on line]. About.com, April 15, 2016. [cited 2016-04-16]. Available from: <http://compnetworking.about.com/od/vpn /l/aa030103a.htm>.
4. Crawford, D. PPTP vs L2TP vs OpenVPN vs SSTP vs IKEv2 [on line]. BestVPN, December 18, 2014. [cited 2016-04-16]. Available from: <https://www.bestvpn. com.blog/4147/pptp-vs-l2tp-vs-openvpn-vs-sstp-vs-ikev2/>/.
5. Clark, D. (March 14, 2002). Vulnerability‟s of IPSEC: A discussion of possible weaknesses in IPSEC implementation and protocols [on line]. SANS Institute, April 15, 2016. [cited 2016-04-16]. Available from: <http://www.sans. org/reading-room/whitepapers/vpns/vuln erabilitys-ipsec-discussion-weaknesses-ipsec-implementatio n-pro-760>.
6. Westin, K. SSL v3 “POODLE” Vulnerability Revealed (CVE-2014-3566) [on line] The State of Security, October 14, 2014. [cited 2016-04-16]. Available from: <http://www.tripwire.com/state-of-security/vulnerability-management/ssl-v3-poodle-vulnerability-revealed-cve%C2%AD-2014-%C2%AD3566/>.
7. Ross, D. E. PGP: Holes, Weaknesses, and Flaws [on line]. David Ross Page, 2010. [cited 2016-04-16]. Available from: <http://www.rossde.com/PGP/pgp_weak.html>.
8. Mitchell, C. J. Security vulnerabilities in DNS and DNSSEC [on line]. Chrismitchell.net, 2014. [cited 2016-04-16]. Available from: <http://www.chrismitchell.net/svidad.pdf>.
9. Vulnerability Note VU#836068. MD5 vulnerable to collision attacks. CERT, 2009. [cited 2016-04-16]. Available from: <www.kb.cert.org/vuls /id/836068>.
10. Cheng, J. Researchers: 307-digit key crack endangers 1024-bit RSA [on line]. ArcTechnica, May 23, 2007. [cited 2016-04-16]. Available from: <http://arstechnica. com/uncategorized/2007/05/researchers-307-digit-key-crack-endangers-1024-bit-rsa/>.
11. Walker, J. When Will We See Collisions for SHA-1? [on line] Schneijer, 2012. [cited 2016-04-16]. Available from: <https://www.schneier.com/blog/archives/2012/10/when_will_ we_se.html>.