{"id":1076,"date":"2021-01-15T20:08:46","date_gmt":"2021-01-15T18:08:46","guid":{"rendered":"http:\/\/journals.khnu.km.ua\/vestnik\/?p=1076"},"modified":"2021-03-23T12:38:55","modified_gmt":"2021-03-23T10:38:55","slug":"%d0%bc%d0%b5%d1%82%d0%be%d0%b4%d0%b8-%d0%bf%d1%96%d0%b4%d1%81%d0%b8%d0%bb%d0%b5%d0%bd%d0%bd%d1%8f-%d1%85%d0%b5%d1%88-%d1%84%d1%83%d0%bd%d0%ba%d1%86%d1%96%d1%97-%d0%bf%d0%b0%d1%80%d0%be%d0%bb%d1%8e","status":"publish","type":"post","link":"https:\/\/journals.khnu.km.ua\/vestnik\/?p=1076","title":{"rendered":"\u041c\u0435\u0442\u043e\u0434\u0438 \u043f\u0456\u0434\u0441\u0438\u043b\u0435\u043d\u043d\u044f \u0445\u0435\u0448-\u0444\u0443\u043d\u043a\u0446\u0456\u0457 \u043f\u0430\u0440\u043e\u043b\u044e \u043f\u0440\u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0456\u0457 \u043a\u043e\u0440\u0438\u0441\u0442\u0443\u0432\u0430\u0447\u0456\u0432"},"content":{"rendered":"

\u041c\u0415\u0422\u041e\u0414\u0418 \u041f\u0406\u0414\u0421\u0418\u041b\u0415\u041d\u041d\u042f \u0425\u0415\u0428-\u0424\u0423\u041d\u041a\u0426\u0406\u0407 \u041f\u0410\u0420\u041e\u041b\u042e \u041f\u0420\u0418 \u0410\u0412\u0422\u041e\u0420\u0418\u0417\u0410\u0426\u0406\u0407 \u041a\u041e\u0420\u0418\u0421\u0422\u0423\u0412\u0410\u0427\u0406\u0412<\/p>\n

METHODS OF INCREASING THE PASSWORD HASH FUNCTION AT USER AUTHORIZATION<\/p>\n

<\/a> \u0421\u0442\u043e\u0440\u0456\u043d\u043a\u0438: 225-229. \u041d\u043e\u043c\u0435\u0440: \u21161, 2020 (281)<\/strong>
\n\u0410\u0432\u0442\u043e\u0440\u0438:<\/strong>
\n\u0406.\u041e. \u0420\u041e\u0417\u041b\u041e\u041c\u0406\u0419
\n\u0427\u0435\u0440\u043a\u0430\u0441\u044c\u043a\u0438\u0439 \u043d\u0430\u0446\u0456\u043e\u043d\u0430\u043b\u044c\u043d\u0438\u0439 \u0443\u043d\u0456\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442 \u0456\u043c\u0435\u043d\u0456 \u0411\u043e\u0433\u0434\u0430\u043d\u0430 \u0425\u043c\u0435\u043b\u044c\u043d\u0438\u0446\u044c\u043a\u043e\u0433\u043e
\nI.O. ROZLOMII
\nCherkassy Bogdan Khmelnytsky National University
\nDOI:<\/strong> https:\/\/www.doi.org\/10.31891\/2307-5732-2020-281-1-225-229<\/a>
\n\u0420\u0435\u0446\u0435\u043d\u0437\u0456\u044f\/Peer review :<\/strong> 02. 01.2020 \u0440.
\n\u041d\u0430\u0434\u0440\u0443\u043a\u043e\u0432\u0430\u043d\u0430\/Printed :<\/strong> 14.02.2020 \u0440.<\/p>\n

\u0410\u043d\u043e\u0442\u0430\u0446\u0456\u044f \u043c\u043e\u0432\u043e\u044e \u043e\u0440\u0438\u0433\u0456\u043d\u0430\u043b\u0443<\/strong><\/p>\n

\u041f\u0430\u0440\u043e\u043b\u044c\u043d\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0456\u043a\u0430\u0446\u0456\u044f \u0454 \u043e\u0434\u043d\u0438\u043c \u0456\u0437 \u0441\u043f\u043e\u0441\u043e\u0431\u0456\u0432 \u0437\u0430\u0445\u0438\u0441\u0442\u0443 \u0456\u0434\u0435\u043d\u0442\u0438\u0444\u0456\u043a\u0430\u0446\u0456\u0439\u043d\u0438\u0445 \u0434\u0430\u043d\u0438\u0445 \u043a\u043e\u0440\u0438\u0441\u0442\u0443\u0432\u0430\u0447\u0456\u0432. \u0412 \u0441\u0442\u0430\u0442\u0442\u0456 \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0439 \u0430\u043d\u0430\u043b\u0456\u0437 \u043e\u0441\u043d\u043e\u0432\u043d\u0438\u0445 \u043c\u0435\u0442\u043e\u0434\u0456\u0432 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0456\u043a\u0430\u0446\u0456\u0457. \u0414\u043e\u0441\u0442\u0443\u043f \u0434\u043e\u00a0 \u0431\u0456\u043b\u044c\u0448\u043e\u0441\u0442\u0456 \u0456\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0456\u0439\u043d\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0442\u0430 web-\u0434\u043e\u0434\u0430\u0442\u043a\u0456\u0432 \u043f\u0435\u0440\u0435\u0434\u0431\u0430\u0447\u0430\u0454 \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u0430\u043d\u043d\u044f \u043f\u0435\u0440\u0441\u043e\u043d\u0430\u043b\u044c\u043d\u0438\u0445 \u0434\u0430\u043d\u0438\u0445 \u2013 \u043b\u043e\u0433\u0456\u043d\u0443, \u043f\u0430\u0440\u043e\u043b\u044e. \u0417\u0430\u0437\u0432\u0438\u0447\u0430\u0439, \u043f\u0430\u0440\u043e\u043b\u0456 \u0432 \u0431\u0430\u0437\u0456 \u0434\u0430\u043d\u0438\u0445 \u0437\u0431\u0435\u0440\u0456\u0433\u0430\u044e\u0442\u044c\u0441\u044f \u0432 \u0432\u0438\u0433\u043b\u044f\u0434\u0456 \u0445\u0435\u0448-\u0444\u0443\u043d\u043a\u0446\u0456\u0457. \u0412 \u0437\u0432\u2019\u044f\u0437\u043a\u0443 \u0437 \u0446\u0438\u043c, \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u0438\u043c \u0454 \u0437\u0430\u0432\u0434\u0430\u043d\u043d\u044f \u0440\u043e\u0437\u0440\u043e\u0431\u043a\u0438 \u043c\u0435\u0442\u043e\u0434\u0456\u0432 \u043f\u0456\u0434\u0441\u0438\u043b\u0435\u043d\u043d\u044f \u0445\u0435\u0448-\u0444\u0443\u043d\u043a\u0446\u0456\u0457 \u043f\u0430\u0440\u043e\u043b\u044e \u043f\u0440\u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0456\u0457 \u043a\u043e\u0440\u0438\u0441\u0442\u0443\u0432\u0430\u0447\u0456\u0432. \u0412 \u0441\u0442\u0430\u0442\u0442\u0456 \u0440\u043e\u0437\u0433\u043b\u044f\u043d\u0443\u0442\u0456 \u043c\u0435\u0442\u043e\u0434\u0438 \u043f\u0456\u0434\u0441\u0438\u043b\u0435\u043d\u043d\u044f \u0445\u0435\u0448-\u0444\u0443\u043d\u043a\u0446\u0456\u0457 \u043f\u0430\u0440\u043e\u043b\u044e \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0456 n-\u0440\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u0445\u0435\u0448\u0443\u0432\u0430\u043d\u043d\u044f \u0442\u0430 salt-hashing. \u041e\u0441\u043e\u0431\u043b\u0438\u0432\u0430 \u0443\u0432\u0430\u0433\u0430 \u0432 \u0441\u0442\u0430\u0442\u0442\u0456 \u0437\u043e\u0441\u0435\u0440\u0435\u0434\u0436\u0435\u043d\u0430 \u043d\u0430 \u0440\u043e\u0437\u0440\u043e\u0431\u0446\u0456 \u043c\u0435\u0442\u043e\u0434\u0456\u0432 \u043f\u0456\u0434\u0441\u0438\u043b\u0435\u043d\u043d\u044f \u0445\u0435\u0448-\u0444\u0443\u043d\u043a\u0446\u0456\u0457 \u043f\u0430\u0440\u043e\u043b\u044e \u0456\u0437 \u0437\u0430\u0441\u0442\u043e\u0441\u0443\u0432\u0430\u043d\u043d\u044f\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0456\u0439 \u043c\u0430\u0442\u0440\u0438\u0447\u043d\u043e\u0433\u043e \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0456\u0447\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u0442\u0432\u043e\u0440\u0435\u043d\u043d\u044f. \u0420\u043e\u0437\u0440\u043e\u0431\u043b\u0435\u043d\u0456 \u043c\u0435\u0442\u043e\u0434\u0438 \u0434\u043e\u0437\u0432\u043e\u043b\u044f\u0442\u044c \u043f\u0456\u0434\u0432\u0438\u0449\u0438\u0442\u0438 \u043d\u0430\u0434\u0456\u0439\u043d\u0456\u0441\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044e \u043a\u043e\u0440\u0438\u0441\u0442\u0443\u0432\u0430\u0447\u0430 \u0437\u0430 \u0440\u0430\u0445\u0443\u043d\u043e\u043a \u0437\u0431\u0456\u043b\u044c\u0448\u0435\u043d\u043d\u044f \u043a\u0456\u043b\u044c\u043a\u043e\u0441\u0442\u0456 \u043e\u043f\u0435\u0440\u0430\u0446\u0456\u0439 \u043e\u0431\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044f \u0445\u0435\u0448-\u0444\u0443\u043d\u043a\u0446\u0456\u0457 \u043f\u0430\u0440\u043e\u043b\u044e. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0456 \u043f\u043e\u0431\u0443\u0434\u043e\u0432\u0430\u043d\u043e \u0441\u0445\u0435\u043c\u0443 \u0440\u043e\u0437\u0440\u043e\u0431\u043b\u0435\u043d\u0438\u0445 \u043c\u0435\u0442\u043e\u0434\u0456\u0432 \u0437 \u043f\u043e\u043a\u0440\u043e\u043a\u043e\u0432\u0438\u043c \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u043e\u043c \u0457\u0445 \u0440\u0435\u0430\u043b\u0456\u0437\u0430\u0446\u0456\u0457.
\n\u041a\u043b\u044e\u0447\u043e\u0432\u0456 \u0441\u043b\u043e\u0432\u0430:<\/strong> \u0456\u0434\u0435\u043d\u0442\u0438\u0444\u0456\u043a\u0430\u0446\u0456\u044f \u043a\u043e\u0440\u0438\u0441\u0442\u0443\u0432\u0430\u0447\u0430, \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0456\u044f, \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0456\u043a\u0430\u0446\u0456\u044f, \u0445\u0435\u0448-\u0444\u0443\u043d\u043a\u0446\u0456\u044f, \u043f\u0430\u0440\u043e\u043b\u044c, \u043c\u0430\u0442\u0440\u0438\u0447\u043d\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0456\u0447\u043d\u0435 \u043f\u0435\u0440\u0435\u0442\u0432\u043e\u0440\u0435\u043d\u043d\u044f.<\/p>\n

\u0420\u043e\u0437\u0448\u0438\u0440\u0435\u043d\u0430 \u0430\u043d\u043e\u0442\u0430\u0446\u0456\u044f \u0430\u043d\u0433\u043b\u0456\u0439\u0441\u044c\u043a\u043e\u044e \u043c\u043e\u0432\u043e\u044e<\/strong><\/p>\n

Effective use of web resources is only possible if there are reliable means of protecting the user authentication data. Password authentication is one way to protect user credentials. The simplicity of implementation and logical clarity of operating principles make password authentication systems the most popular. Although there are many threats to this authorization scheme (password picking, traffic analysis, re-authentication request), it is used in most information systems. The basic methods of authentication were analyzed in the article. The access to most information systems and web-applications involves the use of personal data – login, password. Typically, passwords are stored in the database as a hash function. In this regard, it is urgent to develop methods to enhance the password hash function when authorizing users. Methods of password hash enhancement based on n-time hashing and salt-hashing were discussed in the article. Particular attention focuses on the development of methods to enhance the password hash function using matrix cryptographic transformation operations in the article. Two approaches\u00a0 to enhance the password hash function based on the use of matrix cryptographic transformation operations are proposed. The first approach is based that on the\u00a0 entered password calculate the operation of matrix cryptographic transformation, then calculate hash. Another approach is to first calculate the password hash function, followed by the use of matrix cryptographic transformation operations. The developed methods will allow to increase the reliability of the user’s password by increasing the number of operations of calculating the password hash function. As a result, the scheme of the developed methods with a step-by-step algorithm of their realization is constructed.
\nKeywords:<\/strong> user identification, authorization, authentication, hash function, password, matrix cryptographic transformation.<\/p>\n

References<\/strong><\/p>\n

    \n
  1. Pautov, P.A. (2008) The problem of authentication in multilevel applications. Applied Discrete Mathematics, 2, pp. 87\u201390.<\/li>\n
  2. Sabanov, A.G. (2013) Remote authentication reliability research methods. Telecommunication, 4, 263-267.<\/li>\n
  3. Sabanov, A.G. (2011) Authentication in electronic document exchange. Reports of the Tomsk State University of Control Systems and Radio Electronics, 2, pp. 263-266.<\/li>\n
  4. Vlasenko, A.V., Dziuban, P.I. and Timchenko, M.V. (2015) Development of algorithms, tools and methods for user authorization in web applications using hash functions. ASU Newsletter, \u21164 (171), pp. 144\u2013150.<\/li>\n
  5. Ratseev, S. M. (2013) On optimal authentication codes, Systems and Means of Informatics, 1 (23), pp.
    \n53\u201357.<\/li>\n
  6. Aleshnikov, S.I., Demin, S.A. and Fedorov, S.B. (2013) Problems of information security of the organization (enterprise) and ways of their solution. Bulletin of the Kant Baltic Federal University, 1, pp. 147\u2013154.<\/li>\n
  7. Evseev, S. P. and Tomashevskyy, B. P. (2015) Two-factor authentication methods threats analysis. Progressiv informatics technologies. Radio Electronics, Computer Science, Control, 1, pp. 52\u201359.<\/li>\n
  8. Rozlomii, I.O. (2016) Methods for calculating the hash function of an electronic document based on matrix cryptographic transformations. Bulletin of CSTU. Engineering sciences, \u21164, pp. 88\u201394.<\/li>\n
  9. Xiaoyun Wang, Dengguo Feng, Xuejia Lai and Hongbo Yu (2004) Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD. Universitet Shan’don. Kitajskaja Akademija Nauk. Universitet Shanhaj<\/li>\n
  10. Vedenyev, L.T., Afanasyev, A.A. and Afanasyev, A.N. (2012) Authentication. Theory and practice of provision of secure access to information resources: a manual for higher schools. The 2nd ed. 552 pp.<\/li>\n
  11. Rudnitsky, V.M., Babenko, V.G. and Rudnitsky, S.V. (2012) Method of synthesis of matrix models of operations of cryptographic coding and decoding of information. Proceedings of Kharkiv University of the Air Force, \u21164 (33), pp. 198\u2013200.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"

    \u041c\u0415\u0422\u041e\u0414\u0418 \u041f\u0406\u0414\u0421\u0418\u041b\u0415\u041d\u041d\u042f \u0425\u0415\u0428-\u0424\u0423\u041d\u041a\u0426\u0406\u0407 \u041f\u0410\u0420\u041e\u041b\u042e \u041f\u0420\u0418 \u0410\u0412\u0422\u041e\u0420\u0418\u0417\u0410\u0426\u0406\u0407 \u041a\u041e\u0420\u0418\u0421\u0422\u0423\u0412\u0410\u0427\u0406\u0412 METHODS OF INCREASING THE PASSWORD HASH FUNCTION AT USER AUTHORIZATION \u0421\u0442\u043e\u0440\u0456\u043d\u043a\u0438: 225-229. \u041d\u043e\u043c\u0435\u0440: \u21161, 2020 (281) \u0410\u0432\u0442\u043e\u0440\u0438: \u0406.\u041e. \u0420\u041e\u0417\u041b\u041e\u041c\u0406\u0419 \u0427\u0435\u0440\u043a\u0430\u0441\u044c\u043a\u0438\u0439 \u043d\u0430\u0446\u0456\u043e\u043d\u0430\u043b\u044c\u043d\u0438\u0439 \u0443\u043d\u0456\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442 \u0456\u043c\u0435\u043d\u0456 \u0411\u043e\u0433\u0434\u0430\u043d\u0430 \u0425\u043c\u0435\u043b\u044c\u043d\u0438\u0446\u044c\u043a\u043e\u0433\u043e I.O. ROZLOMII Cherkassy Bogdan Khmelnytsky National University DOI: https:\/\/www.doi.org\/10.31891\/2307-5732-2020-281-1-225-229 \u0420\u0435\u0446\u0435\u043d\u0437\u0456\u044f\/Peer review : 02. 01.2020 \u0440. \u041d\u0430\u0434\u0440\u0443\u043a\u043e\u0432\u0430\u043d\u0430\/Printed : 14.02.2020 \u0440. \u0410\u043d\u043e\u0442\u0430\u0446\u0456\u044f \u043c\u043e\u0432\u043e\u044e \u043e\u0440\u0438\u0433\u0456\u043d\u0430\u043b\u0443 \u041f\u0430\u0440\u043e\u043b\u044c\u043d\u0430 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[13],"tags":[],"_links":{"self":[{"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=\/wp\/v2\/posts\/1076"}],"collection":[{"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1076"}],"version-history":[{"count":2,"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=\/wp\/v2\/posts\/1076\/revisions"}],"predecessor-version":[{"id":5148,"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=\/wp\/v2\/posts\/1076\/revisions\/5148"}],"wp:attachment":[{"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1076"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1076"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/journals.khnu.km.ua\/vestnik\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1076"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}