<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Publishing DTD v1.3 20210610//EN" "JATS-journalpublishing1-3.dtd">
<article article-type="research-article" dtd-version="1.3" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xml:lang="ru"><front><journal-meta><journal-id journal-id-type="publisher-id">tuzsut</journal-id><journal-title-group><journal-title xml:lang="ru">Труды учебных заведений связи</journal-title><trans-title-group xml:lang="en"><trans-title>Proceedings of Telecommunication Universities</trans-title></trans-title-group></journal-title-group><issn pub-type="ppub">1813-324X</issn><issn pub-type="epub">2712-8830</issn><publisher><publisher-name>СПбГУТ</publisher-name></publisher></journal-meta><article-meta><article-id pub-id-type="doi">10.31854/1813-324X-2021-7-3-79-90</article-id><article-id custom-type="elpub" pub-id-type="custom">tuzsut-180</article-id><article-categories><subj-group subj-group-type="heading"><subject>Research Article</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="ru"><subject>ИНФОРМАЦИОННЫЕ ТЕХНОЛОГИИ И ТЕЛЕКОММУНИКАЦИИ</subject></subj-group><subj-group subj-group-type="section-heading" xml:lang="en"><subject>INFORMATION TECHNOLOGIES AND TELECOMMUNICATION</subject></subj-group></article-categories><title-group><article-title>Способ аутентификации значений Диффи ‒ Хеллмана на основе предварительно распределенных случайных последовательностей и алгоритма аутентификации Вегмана ‒ Картера с одноразовым ключом</article-title><trans-title-group xml:lang="en"><trans-title>Method for Authentication of Diffie ‒ Hellman Values Based on Pre-Distributed Random Sequences and Wegman ‒ Carter One-Time Pad Algorithm</trans-title></trans-title-group></title-group><contrib-group><contrib contrib-type="author" corresp="yes"><name-alternatives><name name-style="eastern" xml:lang="ru"><surname>Яковлев</surname><given-names>В. А.</given-names></name><name name-style="western" xml:lang="en"><surname>Yakovlev</surname><given-names>V.</given-names></name></name-alternatives><bio xml:lang="ru"><p>Яковлев Виктор Алексеевич, доктор технических наук, профессор, профессор кафедры защищенных систем связи</p><p>Санкт-Петербург, 193232</p></bio><bio xml:lang="en"><p>St. Petersburg, 193232</p></bio><email xlink:type="simple">viyak@bk.ru</email><xref ref-type="aff" rid="aff-1"/></contrib></contrib-group><aff-alternatives id="aff-1"><aff xml:lang="ru"><institution>Санкт-Петербургский государственный университет телекоммуникаций им. проф. М.А. Бонч-Бруевича</institution><country>Россия</country></aff><aff xml:lang="en"><institution>The Bonch-Bruevich Saint-Petersburg State University of Telecommunications</institution><country>Russian Federation</country></aff></aff-alternatives><pub-date pub-type="collection"><year>2021</year></pub-date><pub-date pub-type="epub"><day>05</day><month>10</month><year>2021</year></pub-date><volume>7</volume><issue>3</issue><fpage>79</fpage><lpage>90</lpage><permissions><copyright-statement>Copyright &amp;#x00A9; Яковлев В.А., 2021</copyright-statement><copyright-year>2021</copyright-year><copyright-holder xml:lang="ru">Яковлев В.А.</copyright-holder><copyright-holder xml:lang="en">Yakovlev V.</copyright-holder><license xml:lang="ru" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>Данная работа распространяется под лицензией Creative Commons Attribution 4.0.</license-p></license><license xml:lang="en" license-type="creative-commons-attribution" xlink:href="https://creativecommons.org/licenses/by/4.0/" xlink:type="simple"><license-p>This work is licensed under a Creative Commons Attribution 4.0 License.</license-p></license></permissions><self-uri xlink:href="https://tuzs.sut.ru/jour/article/view/180">https://tuzs.sut.ru/jour/article/view/180</self-uri><abstract><p>Исследуется способ аутентификации ключей, формируемых методом Диффи ‒ Хеллмана, в условиях применения злоумышленником атаки «человек-посередине». Предполагается, что пользователи Алиса и Боб, формирующие ключ, имеют предварительно распределенные случайные цепочки бит a и b соответственно, полученные либо от некоторого источника, либо сгенерированные ими самими на основе данных, полученных от магнитометров или акселерометров из состава мобильных устройств. Злоумышленник не имеет доступа к этим цепочкам. Предложен способ аутентификации значений Диффи ‒ Хеллмана (DH-значений). С этой целью сообщение (DH-значение) Алисой разделяется на N блоков. Для каждого блока вычисляется аутентификатор с использованием алгоритма Вегмана ‒ Картера с одноразовым ключом, в качестве которого используются последовательности a и b. DH-значение и аутентификаторы передаются по каналу Бобу, который вычисляет аутентификаторы от принятого DH-значения и сравнивает их с аутентификаторами, принятыми из канала. Если число не аутенифицированных блоков не превышает установленный порог, то аутентификация DH-значения считается успешной. Особенность решения данной задачи состоит в том, что последовательности a и b в точности не совпадают. Выведены соотношения для оценивания вероятности ложного отклонения DH-значения (из-за несовпадения цепочек a и b) и вероятности навязывания ложного DH-значения. Проведена оптимизация параметров способа (количества подблоков и длины аутентификатора), при которых минимизируется расход ключа аутентификации (цепочек a и b) при выполнении заданных требований по вероятности подмены и вероятности ложного отклонения DH-значения. Приведены примеры выбора параметров аутентификации DH-значения длиной 256 бит. Показана возможность обеспечения достаточно малых значений вероятности ложного отклонения DH-значения и вероятности навязывания ложного DH-значения (106).</p></abstract><trans-abstract xml:lang="en"><p>A method of authentication of keys generated by the Diffie-Hellman method is investigated in the context of the use of a man-in-the-middle attack by an attacker. It is assumed that the users Alice and Bob, who form the key, have pre-distributed random bit strings a and b, respectively, obtained either from some source or generated by themselves based on data obtained from magnetometers or accelerometers from mobile devices. The attacker has no access to these chains. A method for authenticating Diffie ‒ Hellman values (DH values) is proposed. For this purpose, the message (DH-value) is divided by Alice into N blocks. For each block, an authenticator is calculated using the Wegman ‒ Carter algorithm with a one-time pad keys, which are sequences a and b. The DH-value and authenticators are transmitted over the channel to Bob, who calculates authenticators from the received DH-value and compares them with the authenticators received from the channel. If the number of unauthenticated blocks does not exceed the set threshold, then DH-value authentication is considered successful. But the drawback of this method is a little disagreement between authenticating strings of different users. The formulas for probabilities of the undetected deception and the false alarm (due to the mismatch of chains a and b) are proved. The optimization of the method parameters (the number of blocks and the length of the authenticator) is carried out, at which the consumption of the authentication key (chains a and b) is minimized when the specified requirements for the probability of the undetected deception and the false alarm are met. Examples of the choice of authentication parameters for a 256-bit DH-value are given.</p></trans-abstract><kwd-group xml:lang="ru"><kwd>метод Диффи ‒ Хеллмана</kwd><kwd>аутентификациа</kwd><kwd>униферсальные хэш-функции</kwd><kwd>аутентификация Вегмана ‒ Картера</kwd></kwd-group><kwd-group xml:lang="en"><kwd>Diffie ‒ Hellman method</kwd><kwd>authentication</kwd><kwd>universal hash functions</kwd><kwd>Wegman ‒ Carter one-time pad authentication</kwd></kwd-group></article-meta></front><back><ref-list><title>References</title><ref id="cit1"><label>1</label><citation-alternatives><mixed-citation xml:lang="ru">Diffie M., Hellman M. New directions in cryptography // IEEE Transactions on Information Theory. 1976. Vol. 22. Iss. 6. PP. 644–654. DOI:10.1109/TIT.1976.1055638</mixed-citation><mixed-citation xml:lang="en">Diffie M., Hellman M. New directions in cryptography. IEEE Transactions on Information Theory. 1976;22(6):644–654. DOI:10.1109/TIT.1976.1055638</mixed-citation></citation-alternatives></ref><ref id="cit2"><label>2</label><citation-alternatives><mixed-citation xml:lang="ru">Mirzadeh S., Cruickshank H., Tafazolli R. Secure Device Pairing: A Survey // IEEE Communications Surveys &amp; Tutorials. 2014. Vol. 16. PP. 17–40. DOI:10.1109/SURV.2013.111413.00196</mixed-citation><mixed-citation xml:lang="en">Mirzadeh S., Cruickshank H., Tafazolli R. Secure Device Pairing: A Survey. IEEE Communications Surveys &amp; Tutorials. 2014;16:17–40. DOI:10.1109/SURV.2013.111413.00196</mixed-citation></citation-alternatives></ref><ref id="cit3"><label>3</label><citation-alternatives><mixed-citation xml:lang="ru">Zeng K. Physical layer key generation in wireless networks: challenges and opportunities // IEEE Communications Magazin. 2015. Vol. 53. Iss. 4. PP. 20–27. DOI:10.1109/MCOM.2015.7120014</mixed-citation><mixed-citation xml:lang="en">Zeng K. Physical layer key generation in wireless networks: challenges and opportunities. IEEE Communications Magazine. 2015;53(4):20–27. DOI:10.1109/MCOM.2015.7120014</mixed-citation></citation-alternatives></ref><ref id="cit4"><label>4</label><citation-alternatives><mixed-citation xml:lang="ru">Zhang J., Duong T.Q., Marshall A., Woods R. Key Generation from Wireless Channels: a Review // IEEE Access. 2016. Vol. 4. PP. 614–626. DOI:10.1109/ACCESS.2016.2521718</mixed-citation><mixed-citation xml:lang="en">Zhang J., Duong T.Q., Marshall A., Woods R. Key Generation from Wireless Channels: a Review. IEEE Access. 2016;4: 614–626. DOI:10.1109/ACCESS.2016.2521718</mixed-citation></citation-alternatives></ref><ref id="cit5"><label>5</label><citation-alternatives><mixed-citation xml:lang="ru">Jin R., Shi L., Zeng K., Pande A., Mohapatra P. MagPairing: Pairing Smartphones in Close Proximity Using Magnetometer // IEEE Transactions on Information Forensics and Security. 2016. Iss. 6. PP. 1304–1319. DOI:10.1109/TIFS.2015.2505626</mixed-citation><mixed-citation xml:lang="en">Jin R., Shi L., Zeng K., Pande A., Mohapatra P. MagPairing: Pairing Smartphones in Close Proximity Using Magnetometer. IEEE Transactions on Information Forensics and Security. 2016;6:1304–1319. DOI:10.1109/TIFS.2015.2505626</mixed-citation></citation-alternatives></ref><ref id="cit6"><label>6</label><citation-alternatives><mixed-citation xml:lang="ru">Mc Cune J., Perring A., Reiter M. Seeing-is-believing: using camera phones for human-verifiable authentication // Proceedings of the Symposium on Security and Privacy (S&amp;P'05, Oakland, USA, 8–11 May 2005). IEEE, 2005. PP. 110–124. DOI:10.1109/SP.2005.19</mixed-citation><mixed-citation xml:lang="en">Mc Cune J., Perring A., Reiter M. Seeing-is-believing: using camera phones for human-verifiable authentication. Proceedings of the Symposium on Security and Privacy, S&amp;P'05, 8–11 May 2005, Oakland, USA. IEEE; 2005. p.110–124. DOI:10.1109/ SP.2005.19</mixed-citation></citation-alternatives></ref><ref id="cit7"><label>7</label><citation-alternatives><mixed-citation xml:lang="ru">Saxena N., Ekberg J.-E., Kostiainen K., Asokan N. Secure Device Pairing Based on a Visual Channel // Proceedings of the Symposium on Security and Privacy (S&amp;P'06, Berkeley/Oakland, USA, 21–24 May 2006). IEEE, 2006. PP. 57–68. DOI:10.1109/SP.2006.35</mixed-citation><mixed-citation xml:lang="en">Saxena N., Ekberg J.-E., Kostiainen K., Asokan N. Secure Device Pairing Based on a Visual Channel. Proceedings of the Symposium on Security and Privacy, S&amp;P'06, 21–24 May 2006, Berkeley/Oakland, USA. IEEE; 2006. p.57–68. DOI:10.1109/SP. 2006.35</mixed-citation></citation-alternatives></ref><ref id="cit8"><label>8</label><citation-alternatives><mixed-citation xml:lang="ru">Prasad R., Saxena N. Efficient Device Pairing Using “Human-Comparable” Synchronized Audiovisual Patterns // Proceedings of the 6th International Conference on Applied Cryptography and Network Security (ACNS 2008, New York, USA, 3–6 June 2008). Lecture Notes in Computer Science. Berlin, Heidelberg: Springer, 2008. Vol. 5037. PP. 328–345. DOI:10.1007/ 978-3-540-68914-0_20</mixed-citation><mixed-citation xml:lang="en">Prasad R., Saxena N. Efficient Device Pairing Using “Human-Comparable” Synchronized Audiovisual Patterns. Proceedings of the 6th International Conference on Applied Cryptography and Network Security, ACNS 2008, 3–6 June 2008, New York, USA. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer; 2008. vol.5037. p.328–345. DOI:10.1007/978-3-540- 68914-0_20</mixed-citation></citation-alternatives></ref><ref id="cit9"><label>9</label><citation-alternatives><mixed-citation xml:lang="ru">Goodrich M.T., Sirivianos M., Solis J., Soriente C., Tsudik G., Uzun E. Using Audio in Secure Device Pairing // International Journal of Security and Networks. 2009. Vol. 4. Iss. 1. PP. 57–68. DOI:10.1504/IJSN.2009.023426</mixed-citation><mixed-citation xml:lang="en">Goodrich M.T., Sirivianos M., Solis J., Soriente C., Tsudik G., Uzun E. Using Audio in Secure Device Pairing. International Journal of Security and Networks. 2009;4(1):57–68. DOI:10.1504/IJSN.2009.023426</mixed-citation></citation-alternatives></ref><ref id="cit10"><label>10</label><citation-alternatives><mixed-citation xml:lang="ru">Goodrich M.T., Sirivianos M., Solis J., Tsudik G. Uzun E. Loud and Clear: Human-Verifiable Authentication Based on Audio. Distributed Computing Systems // Proceedings of the 26th International Conference on Distributed Computing Systems (ICDCS 2006, Lisboa, Portugal, 4−7 July 2006). IEEE, 2006. PP. 1−10. DOI:10.1109/ICDCS.2006.52</mixed-citation><mixed-citation xml:lang="en">Goodrich M.T., Sirivianos M., Solis J., Tsudik G. Uzun E. Loud and Clear: Human-Verifiable Authentication Based on Audio. Distributed Computing Systems. Proceedings of the 26th International Conference on Distributed Computing Systems, ICDCS 2006, 4−7 July 2006, Lisboa, Portugal. IEEE; 2006. p.1−10. DOI:10.1109/ICDCS.2006.52</mixed-citation></citation-alternatives></ref><ref id="cit11"><label>11</label><citation-alternatives><mixed-citation xml:lang="ru">Soriente C., Tsudik G., Uzun E. HAPADEP: Human-Assisted Pure Audio Device Pairing // Proceedings of the 11th International Conference on Information Security (ISC 2008, Taipei, Taiwan, 15−18 September 2008). Lecture Notes in Computer Science. Berlin, Heidelberg: Springer, 2008. Vol. 5222. PP. 385–400. DOI:10.1007/978-3-540-85886-7_27</mixed-citation><mixed-citation xml:lang="en">Soriente C., Tsudik G., Uzun E. HAPADEP: Human-Assisted Pure Audio Device Pairing. Proceedings of the 11th International Conference on Information Security, ISC 2008, 15−18 September 2008, Taipei, Taiwan. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer; 2008. vol.5222. p.385–400. DOI:10.1007/978-3-540-85886-7_27</mixed-citation></citation-alternatives></ref><ref id="cit12"><label>12</label><citation-alternatives><mixed-citation xml:lang="ru">Mayrhofer R. Gellersen H. Shake Well Before Use: Intuitive and Secure Pairing of Mobile Devices // IEEE Transactions on Mobile Computing. 2009. Vol. 8. Iss. 6. PP. 792–806. DOI:10.1109/TMC.2009.51</mixed-citation><mixed-citation xml:lang="en">Mayrhofer R. Gellersen H. Shake Well Before Use: Intuitive and Secure Pairing of Mobile Devices. IEEE Transactions on Mobile Computing. 2009;8(6):792–806. DOI:10.1109/TMC.2009.51</mixed-citation></citation-alternatives></ref><ref id="cit13"><label>13</label><citation-alternatives><mixed-citation xml:lang="ru">Soriente C., Tsudik G., Uzun E. BEDA: Button-Enabled Device Association // Proceedings of the 1st International Workshop on Security for Spontaneous Interaction (IWSSI). Linz: Institute of Networks and Security, 2007. PP. 443−449.</mixed-citation><mixed-citation xml:lang="en">Soriente C., Tsudik G., Uzun E. BEDA: Button-Enabled Device Association. Proceedings of the 1st International Workshop on Security for Spontaneous Interaction (IWSSI). Linz: Institute of Networks and Security; 2007. p.443−449.</mixed-citation></citation-alternatives></ref><ref id="cit14"><label>14</label><citation-alternatives><mixed-citation xml:lang="ru">Kumar А., Saxena N., Tsudik G., Uzun E. Caveat emptor: A comparative study of secure device pairing methods // Proceedings of the International Conference on Pervasive Computing and Communications (Galveston, USA, 9−13 March 2009). IEEE, 2009. PP. 1–10. DOI:10.1109/PERCOM.2009.4912753</mixed-citation><mixed-citation xml:lang="en">Kumar А., Saxena N., Tsudik G., Uzun E. Caveat emptor: A comparative study of secure device pairing methods. Proceedings of the International Conference on Pervasive Computing and Communications, 9−13 March 2009, Galveston, USA. IEEE; 2009. p.1–10. DOI:10.1109/PERCOM.2009.4912753</mixed-citation></citation-alternatives></ref><ref id="cit15"><label>15</label><citation-alternatives><mixed-citation xml:lang="ru">Корпусов В.Д., Ольховой О.О., Яковлев В.А. Исследование датчика случайных чисел на основе магнитометра // VII Международная научно-техническая и научно-методическая конференция «Актуальные проблемы инфотелекоммуникаций в науке и образовании» (Санкт-Петербург, Россия, 28 февраля−1 марта 2018). СПб: СПбГУТ, 2018. С. 488−494.</mixed-citation><mixed-citation xml:lang="en">Korpusov V., Olkhovoy O., Yakovlev V. The Research of the Random Number Generator Based on the Magnetometer. Proceedings of the VIIth International Conference on Infotelecommunications in Science and Education, 28 February−1 March 2018, St. Petersburg, Russia. St. Petersburg: The Bonch-Bruevich Saint-Petersburg State University of Telecommunications Publ.; 2018. p.488‒494. (in Russ.)</mixed-citation></citation-alternatives></ref><ref id="cit16"><label>16</label><citation-alternatives><mixed-citation xml:lang="ru">Яковлев В.А. Аутентификация ключей, распределяемых методом Диффи-Хеллмана, для мобильных устройств на основе аутентифицирующих помехоустойчивых кодов и магнитометрических данных // Труды СПИИРАН. 2019. Т. 18. № 3. С. 705−740. DOI:10.15622/sp.2019.18.3.705-740</mixed-citation><mixed-citation xml:lang="en">Yakovlev V.A. Authentication of Keys Distriburted by the Diffie − Hellman Method for Mobile Devices Based on Authentication Codes and Magnetometric Data. SPIIRAS Proceedings. 2019;18(3):705−740. DOI:10.15622/sp.2019.18.3.705-740</mixed-citation></citation-alternatives></ref><ref id="cit17"><label>17</label><citation-alternatives><mixed-citation xml:lang="ru">Maurer U. Information-Theoretically Secure Secret-Key Agreement by not Authenticated Public Discussion // Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques (Konstanz, Germany, 11–15 May 1997). Lecture Notes in Computer Science. Berlin, Heidelberg: Springer, 1997. Vol. 1233. PP. 209−223. DOI:10.1007/3-540-69053-0_15</mixed-citation><mixed-citation xml:lang="en">Maurer U. Information-Theoretically Secure Secret-Key Agreement by not Authenticated Public Discussion. Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques, 11–15 May 1997, Konstanz, Germany. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer; 1997. vol.1233. p.209−223. DOI:10.1007/3-540- 69053-0_15</mixed-citation></citation-alternatives></ref><ref id="cit18"><label>18</label><citation-alternatives><mixed-citation xml:lang="ru">Korzhik V., Yakovlev V., Morales-Luna G., Chesnokov R. Perfomance Evaluation of Keyless Authentication Based on Noisy Channel // Proceedings of the 4th International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security (MMM-ACNS 2007, St. Petersburg, Russia, 13–15 September 2007). Communications in Computer and Information Science. Berlin, Heidelberg: Springer, 2007. Vol. 1. PP. 115−126. DOI:10.1007/978-3-540-73986-9_9</mixed-citation><mixed-citation xml:lang="en">Korzhik V., Yakovlev V., Morales-Luna G., Chesnokov R. Perfomance Evaluation of Keyless Authentication Based on Noisy Channel. Proceedings of the 4th International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2007, 13–15 September 2007, St. Petersburg, Russia. Communications in Computer and Information Science. Berlin, Heidelberg: Springer, 2007. vol.1. p.115−126. DOI:10.1007/978-3-540-73986-9_9</mixed-citation></citation-alternatives></ref><ref id="cit19"><label>19</label><citation-alternatives><mixed-citation xml:lang="ru">Яковлев В.А. Cпособ аутентификации значений Диффи-Хеллмана на основе предварительно распределенных случайных последовательностей и хэширующих функций // X Международная научно-техническая и научнометодическая конференция «Актуальные проблемы инфотелекоммуникаций в науке и образовании» (СанктПетербург, Россия, 24–25 февраля 2021). СПб: СПбГУТ, 2021. С. 693−698.</mixed-citation><mixed-citation xml:lang="en">Yakovlev V. Authentication Method Diffie-Hellman Values Based on Pre-Distributed Binary Sequences and Strictly Universal Hash Functions // Proceedings of the X International Conference on Infotelecommunications in Science and Education, 24−28 February 2021, St. Petersburg, Russia. St. Petersburg: The Bonch-Bruevich Saint-Petersburg State University of Telecommunications Publ.; 2021. p. 693‒698. (in Russ.)</mixed-citation></citation-alternatives></ref><ref id="cit20"><label>20</label><citation-alternatives><mixed-citation xml:lang="ru">Yakovlev V., Korzhik V., Adadurov S. Authentication of Diffie-Hellman Protocol for Mobile Units Executing a Secure Device Pairing Procedure in Advance // Proceedings of the 29th Conference of Open Innovations Association (FRUCT, Tampere, Finland, 12−14 May 2021). IEEE, 2021. DOI:10.23919/FRUCT52173.2021.9435495</mixed-citation><mixed-citation xml:lang="en">Yakovlev V., Korzhik V., Adadurov S. Authentication of Diffie-Hellman Protocol for Mobile Units Executing a Secure Device Pairing Procedure in Advance. Proceedings of the 29th Conference of Open Innovations Association, FRUCT, 12−14 May 2021, Tampere, Finland. IEEE; 2021. DOI:10.23919/FRUCT52173.2021.9435495</mixed-citation></citation-alternatives></ref><ref id="cit21"><label>21</label><citation-alternatives><mixed-citation xml:lang="ru">Wegman M.N., Carter J.L. New Hash Functions and their Use in Authentication and Set Equality // Journal of Computer and System Sciences. 1981. Vol. 22. Iss. 3. PP. 265−279. DOI:10.1016/0022-0000(81)90033-7</mixed-citation><mixed-citation xml:lang="en">Wegman M.N., Carter J.L. New Hash Functions and their Use in Authentication and Set Equality. Journal of Computer and System Sciences. 1981;22(3):265−279. DOI:10.1016/0022-0000(81)90033-7</mixed-citation></citation-alternatives></ref><ref id="cit22"><label>22</label><citation-alternatives><mixed-citation xml:lang="ru">Carter J.l., Wegman M.N. Universal classes of hash functions // Journal of Computer and System Sciences. 1979. Vol. 18. Iss. 2. PP. 143−154. DOI:10.1016/0022-0000(79)90044-8</mixed-citation><mixed-citation xml:lang="en">Carter J.l., Wegman M.N. Universal classes of hash functions. Journal of Computer and System Sciences. 1979;18(2):143−154. DOI:10.1016/0022-0000(79)90044-8</mixed-citation></citation-alternatives></ref><ref id="cit23"><label>23</label><citation-alternatives><mixed-citation xml:lang="ru">Maurer U. Secret key agreement by public discussion from common information // IEEE Transactions on Information Theory. 1993. Vol. 39. Iss. 3. PP. 2535–2549. DOI:10.1109/18.256484</mixed-citation><mixed-citation xml:lang="en">Maurer U. Secret key agreement by public discussion from common information. IEEE Transactions on Information Theory. 1993;39(3):2535–2549.</mixed-citation></citation-alternatives></ref><ref id="cit24"><label>24</label><citation-alternatives><mixed-citation xml:lang="ru">ГОСТ Р 34 12-2015. Информационная технология. Криптографическая защита информации. Блочные шифры. М.: Стандартинформ, 2015.</mixed-citation><mixed-citation xml:lang="en">GOST Р 34 12-2015. Information Technology. Cryptographic Information Protection. Block Ciphers. М.: Standartinform Publ.; 2015. (in Russ.).</mixed-citation></citation-alternatives></ref><ref id="cit25"><label>25</label><citation-alternatives><mixed-citation xml:lang="ru">FIPS 197. Specification for the ADVANCED ENCRIPTION STANDARD (AES). Nov.2001.</mixed-citation><mixed-citation xml:lang="en">FIPS 197. Specification for the ADVANCED ENCRIPTION STANDARD (AES). Nov.2001.</mixed-citation></citation-alternatives></ref></ref-list><fn-group><fn fn-type="conflict"><p>The authors declare that there are no conflicts of interest present.</p></fn></fn-group></back></article>
