Cryptographic security of confidential data in computer systems and networks is an extremely important matter. Achieving improvements in this field requires effective and complex methods of data security during its storage [ 1, 2 ], transmission [ 3, 4 ], and processing [ 5 ]. The size of data resources for storage, transmission and processing is the defining attribute for choosing methods of cryptographic data security. The size of data resources affects the efficiency of computer networks, as well as the system of cryptographic security. It is worth noting, however, that an increase in the efficiency of computer network may result in a reduction of resources available for allocation for

0000-0003-3473-7433 (V. Rudnytskyi); 0000-0003-2039-2841 (V. Babenko); 0000-0002-7682-2970 (N. Lada); 0000-00019192-5313 (T. Stabetska); 0000-0002-9916-5256 (D. Pidlasyi); 0000-0003-4759-9383 (L. Parkhuts) cryptographic data protection. An effective method for mitigating this downside is implementing lightweight cryptography in secured computer networks [ 6–9 ]. This necessity to apply the lightweight cryptography in computer networks exists due to the different effectiveness of cryptographic algorithms used for securing the stored, transfered and processed data [ 10 ].

Effective functioning of cryptographic system for data security within computer network is ensured primarily by balancing such attributes as cryptographic integrity, complexity and speed of execution, as well as available resources. In addition, the structure, architecture and performance features of the computer network should also be taken into account during projection of the data security systems [ 11 ]. One effective solution for optimization of this attribute revolves around the creation of cryptographic systems based on CET-operations (Сryptographic Encoding Theory). These operations are an integral part of CET-encryption [ 11 ].

The analytical review of the results of research related to CET-operations is available in [ 12 ]. The vital role of non-commutative CET-operations among the two-operand CET-operations is an important factor to consider. This is primarily because of the sheer quantity of non-commutative CET-operations (including non-symmetrical) compared to the commutative CET-operations (including non-symmetrical) [ 11 ]. Scientists have dedicated numerous researches to study their attributes and applications. For example, paper [ 13 ] describes options for creating stream ciphers based on double-cycle non-commutative CET-operations. Monograph [ 11 ] generalizes the research results revolving around CET-operations and stream encryption technologies based on these operations. We, however, have dedicated our paper to researching the attributes of cryptographic systems with a mediator, as well as the peculiarities of their creation. The main attribute of such system is the presence of a mediator that re-encrypts a cryptogram before transmitting it to one of the addressees. This re-encryption ensures confidentiality of encryption, decryption, and reencryption algorithms within the cryptographic system with one or several mediators. Monograph [ 11 ] suggests the option for creating cryptographic networks based on cryptographic systems with a mediator similar to computer networks. The authors have analyzed the principles of creating cryptographic networks as cryptographic add-ons for computer networks with identical structure and architecture. In theory, this cryptographic network is capable of ensuring the confidentiality of stored, transmitted, and processed data by keeping encryption, decryption, and re-encryption algorithms confidential. However, the authors of the monograph [ 11 ] only assume the possibility of such cryptographic networks, and this assumption is proved neither theoretically, nor practically.

Recent studies in the field of applied cryptography also emphasize the importance of practical implementation aspects when designing secure communication architectures. For instance, the work of Vorobets et al. [14] investigates the integration of post-quantum key encapsulation mechanisms in real-world environments, which could be adapted for mediator-based network structures. Similarly, Sovyn et al. [15] explore methods for optimizing cryptographic components, such as S-boxes, which may improve the efficiency of CET-based encryption. Additionally, research by Opirskyy et al. [16] addresses potential vulnerabilities in information systems at different TCP/IP layers, highlighting threat models relevant for secure mediator-based communication channels.

The main purpose is the development of principles applicable to modeling of cryptographic network with the defined architecture, as well as the definition of CET-operations sets to ensure the correct functionality of this network.

We have established the following objectives to fulfill the aforementioned purpose: 

To analyze the attributes of cryptographic data security in computer networks.

To analyze the attributes of utilizing the cryptographic systems with a mediator for securing data in computer networks.

To create a model of cryptographic network based on the analysis of a graph of a computer network.

To define the CET-operations sets applicable for creation of a cryptographic network based on the execution results of the created model.

To analyze the execution attributes of a cryptographic network for the defined CEToperations sets.

The object of our research is the processes of data transformation under conditions of joint usage of the limited resources stream ciphers based on CET-operations.

The main hypothesis serving as the foundation of our research is the possibility of creating a cryptographic network by joint usage of regular cryptographic systems and cryptographic systems with mediators, which are created based on CET-operations. Processes, such as encryption, decryption, and re-encryption of confidential data, are ensured by the network addressees by executing the defined CET-operations sets. Joint application of these processes substantially increases the variability of CET-encryption.

The first step of proving the hypothesis lies in practical confirmation of the possibility to define the CET-operations set applicable to setting up a cryptographic network with defined architecture. Discovering the relationships between CET-operations and defining their sets requires creation of constraint system with multiple options for limiting cryptographic transformations according to the architecture of cryptographic network. We can consider this system of limitations as a model of cryptographic network. To create the model of cryptographic network, we have used methods of discrete mathematics, set theory and linear algebra.

We will use only single- and two-operand CET-operations to present the results of our research. To simplify the presentation of these practical results, we use only 2 Ci-quanta CET-operations. We apply this limitation because of having only one mathematical apparatus used to describe an entire set of CET-operations in the fieldG 4 [ 11 ]. 5. Modeling of a cryptographic network based on application of CEToperations Transmission of confidential data in computer networks proceeds from sender to receiver. If there is no direct link from sender to receiver, the mediator will be responsible for retransmission of a cryptogram.

The exchange of confidential data is ensured for every pair of addressees by utilization of a cryptographic system for data encryption and decryption. However, these systems do not take into account presence or absence of mediators for retransmission of a cryptogram. Implementing separate cryptographic systems for data exchange in the secured computer network increases the complexity of data security system. Overall, the complexity increases proportionally to the number of addressees in computer network. This particular approach, however, does not take into account structure and architecture of a computer network, as well as the attributes of cryptographic systems with a mediator.

We will now analyze creation of data security system in computer network based on CEToperations and cryptographic systems with a mediator. We will refer to this data security system as cryptographic network. The cryptographic network ensures data security in computer network, and thus requires identical network architecture for proper functioning. A structure of a computer network defines the requirements for creating a cryptographic network, while the results of creating said cryptographic network impose limitations on functionality of a computer network. We will now analyze the possibility of creating data security system in computer network based on CET-operations. Let’s assume, that a computer network consists of 5 addressees and is presented by an oriented graph. Graphs of both the computer and cryptographic networks are identical due to the identical architecture of these networks. Creation of a cryptographic network can be analyzed by its representation graph from Figure 1.

Let’s assume, that addressees of a cryptographic network can transmit data directly, and through mediators. Ensuring direct exchange of confidential data between different addressees requires implementing different CET-encryption algorithms. We impose the following limitations during creation of a cryptographic network:    non-symmetrical CET-operations are preferable for establishing cryptographic link between addresses. identical models of CET-operations are preferable for decreasing complexity of the cryptographic network for direct and inverse cryptographic transformations. a minimal number of addressees is required during the establishment of a cryptographic link.

Taking into account these limitations, we will now analyze option 1 in detail.

First, we will describe the limitations of direct cryptographic links between addressees within the cryptographic network. Let’s assume, that addressee 1 directly transmits data to addressee 2. The data is encrypted by CET-operation C 1,2( x ) . Addressee 1 then acquires data from addressee 2. The data is encrypted by CET-operation C 2,1( x ) . The cryptographic link between addressees 1 and 2 can be established under the following conditions: (1) (2) C1,2 ( x)  C 2,1 ( x);   C 2,1 (C1,2 ( x))  x, C 2,1 ( x)  C1/,2 ( x);  C1,2 (C 2,1 ( x))  x, C1,2 ( x)  C 2/,1 ( x). C1,3 ( x)  C3,1 ( x);   C3,1 (C1,3 ( x))  x, C3,1 ( x)  C1/,3 ( x);  C1,3 (C3,1 ( x))  x, C1,3 ( x)  C3/,1 ( x).

Addressee 1 directly transmits data to addressee 3. The data is encrypted by CET-operation C 1,3( x ) . Addressee 1 then acquires data from addressee 3. The data is encrypted by CET-operation C 3,1( x ) . The cryptographic link between addressees 1 and 3 can be established under the following conditions:

Addressee 1 directly transmits data to addressee 4. The data is encrypted by CET-operation C 1,4 ( x ) . Addressee 1 then acquires data from addressee 4. The data is encrypted by CET-operation C 4,1( x ) . The cryptographic link between addressees 1 and 4 can be established under the following conditions:

Addressee 2 directly transmits data to addressee 4. The data is encrypted by CET-operation C 2,4 ( x ) . Addressee 2 then acquires data from addressee 4. The data is encrypted by CET-operation C 4,2( x ) . The cryptographic link between addressees 2 and 4 can be established under the following conditions: C1,4 ( x)  C 4,1 ( x);   C 4,1 (C1,4 ( x))  x, C 4,1 ( x)  C1/,4 ( x);  C1,4 (C 4,1 ( x))  x, C1,4 ( x)  C 4/,1 ( x). C 2,4 ( x)  C 4,2 ( x);   C 4,2 (C 2,4 ( x))  x, C 4,2 ( x)  C 2/,4 ( x);  C 2,4 (C 4,2 ( x))  x, C 2,4 ( x)  C 4/,2 ( x). C 2,5 ( x)  C5,2 ( x);   C5,2 (C 2,5 ( x))  x, C5,2 ( x)  C 2/,5 ( x);  C 2,5 (C5,2 ( x))  x, C 2,5 ( x)  C5/,2 ( x). (3) (4) (5) Addressee 2 directly transmits data to addressee 5. The data is encrypted by CET-operation C 2,5( x ) . Addressee 2 then acquires data from addressee 5. The data is encrypted by CET-operation C 5,2( x ) . The cryptographic link between addressees 2 and 5 can be established under the following conditions:

The conditions for establishing all direct cryptographic links illustrated in Figure 1 are described similarly to those analyzed above.

Having generalized the limitations related to direct cryptographic links between addressees within the cryptographic network, we can now further proceed with our analysis. C1,2 ( x)  C 2/,1 ( x); C 2,1 ( x)  C1/,2 ( x); C1,2 ( x)  C 2,1 ( x); C1,3 ( x)  C3/,1 ( x); C3,1 ( x)  C1/,3 ( x); C1,3 ( x)  C3,1 ( x);  C1,4 ( x)  C 4/,1 ( x); C 4,1 ( x)  C1/,4 ( x); C1,4 ( x)  C 4,1 ( x);  C 2,4 ( x)  C 4/,2 ( x); C 4,2 ( x)  C 2/,4 ( x); C 2,4 ( x)  C 4,2 ( x);  C 2,5 ( x)  C5/,2 ( x); C5,2 ( x)  C 2/,5 ( x); C 2,5 ( x)  C5,2 ( x);  C3,4 ( x)  C 4/,3 ( x); C 4,3 ( x)  C3/,4 ( x); C3,4 ( x)  C 4,3 ( x);  C3,5 ( x)  C5/,3 ( x); C5,3 ( x)  C3/,5 ( x); C3,5 ( x)  C5,3 ( x); С 4,5 ( x)  C5/,4 ( x); C5,4 ( x)  C 4/,5 ( x); C 4,5 ( x)  C5,4 ( x);

We will now describe the limitations of cryptographic links with a mediator between addressees within the cryptographic network.

Addressee 1 can establish a cryptographic link with addressee 5 with assistance of addressee 2 acting as a mediator.

The cryptographic link based on (1) and (5) cannot be established because: 

C 5,2( C 2,5( C 1,2( x ) ) )= C 1,2( x )≠ x . This expression is valid because C 5,2( C 2,5( x ) )= x .

C 5,2( C 2,1( C 1,2( x ) ) )= C 5,2( x )≠ x . This expression is valid because C 2,1( C 1,2( x ) )= x . When a mediator operates with an inverse CET-operation, the data is decrypted before being transmitted to the addressee (or another mediator), thus resulting in a loss of confidentiality.

Dealing with the issue mentioned above is possible by ensuring that addressee operates with different CET-operations for data decryption. Addressee 1 uses the following 3 CET-operations according to models (1)–(4): C 1,2( x ) , C 1,3( x ) and C 1,4 ( x ) . Thus, the establishment of confidential communications link through addressee 2 requires utilization of the following models: C 1,3( x ) , C 1,4 ( x ) .

C5,2 (C 2,1 (C1,3 ( x)))  x ; C5,2 (C 2,1 (C1,4 ( x)))  x .

C 5,2( x )= const and C 2,1( x )= const are valid for the described models. Thus, only one operation can be used for modeling a cryptographic system with communications link between addressees 1 and 5 through addressee 2 acting as a mediator. This operation is either C 1,3( x ) , or C 1,4 ( x ) . The validity of this claim is based on a fact that single-operand CET-operations used for encryption are from one mathematical group of operations to an accuracy of permutation. Thus, we can acquire the following results:

C5,2 (C 2,1 (C1,3 ( x)))  x

C5,2 (C 2,1 (C1,4 ( x)))  x where ⟨ indicates that a transformation is possible by solving at least one equation (model). Similarly, we will now create models of other relationships through mediators.

Addressee 1 can establish a cryptographic link with addressee 5 in several ways: (6) (7) (8)   with assistance of addressee 3 acting as a mediator. This can be done under the following conditions: with assistance of addressee 4 acting as a mediator. This can be done under the following condition:

Cryptographic network is capable of ensuring transmission of confidential data from addressee 1 to addressee 4 if at least one condition ((6), (7), or (9)) is fulfilled.

C5,3 (C3,1 (C1,2 ( x)))  x C5,3 (C3,1 (C1,4 ( x)))  x C5,4 (C 4,1 (C1,2 ( x)))  x C5,4 (C 4,1 (C1,3 ( x)))  x

C5,2 (C2,1 (C1,3 ( x)))  x C5,2 (C2,1 (C1,4 ( x)))  x C5,3 (C3,1 (C1,2 ( x)))  x C5,3 (C3,1 (C1,4 ( x)))  x C5,4 (C4,1 (C1,2 ( x)))  x C5,4 (C4,1 (C1,3 ( x)))  x  C5,2(C2,1(C1,4(x)))  x   C5,3(C3,1(C1,2(x)))  x  ;  C5,3(C3,1(C1,4(x)))  x  C5,4(C4,1(C1,2(x)))  x  C5,4(C4,1(C1,3(x)))  x   C3,1(C1,2(C2,4(x)))  x   C3,1(C1,2(C2,5(x)))  x   C3,4(C4,2(C2,1(x)))  x  C3,4(C4,2(C2,5(x)))  x

Simultaneous fulfillment of several conditions ensures transmission of confidential data through several routes and different mediators.

The limitations for other routes used for exchange of confidential data between addressees through mediators are defined similarly.

Combining these limitations provides an opportunity to create a model of cryptographic network described in Figure 1. (9)  C3,5(C5,2(C2,1(x)))  x  C3,5(C5,2(C2,5(x)))  x   C2,1(C1,3(C3,4(x)))  x   C2,1(C1,3(C3,5(x)))  x   C2,4(C4,3(C3,1(x)))  x   C2,4(C4,3(C3,5(x)))  x  C2,5(C5,3(C3,1(x)))  x  C2,5(C5,3(C3,4(x)))  x   C1,2(C2,5(C5,3(x)))  x   C1,2(C2,5(C5,4(x)))  x   C1,3(C3,5(C5,2(x)))  x  C1,3(C3,5(C5,4(x)))  x  C1,2(x)  C2/,1(x); C2,1(x)  C1/,2(x); C1,2(x)  C2,1(x);

 C1,3(x)  C3/,1(x); C3,1(x)  C1/,3(x); C1,3(x)  C3,1(x);

 C1,4(x)  C4/,1(x); C4,1(x)  C1/,4(x); C1,4(x)  C4,1(x);  C2,4(x)  C4/,2(x); C4,2(x)  C2/,4(x); C2,4(x)  C4,2(x);  C2,5(x)  C5/,2(x); C5,2(x)  C2/,5(x); C2,5(x)  C5,2(x);  C3,4(x)  C4/,3(x); C4,3(x)  C3/,4(x); C3,4(x)  C4,3(x);  C3,5(x)  C5/,3(x); C5,3(x)  C3/,5(x); C3,5(x)  C5,3(x); С4,5(x)  C5/,4(x); C5,4(x)  C4/,5(x); C4,5(x)  C5,4(x); We can define a set of single-operand CET-operations for creating a cryptographic network based on single-operand CET-operations by solving a system of equations (9). These equations establish limitations in the defined cryptographic network. Several solutions for the system of equations (9) results in acquisition of several sets of single-operand CET-operations. Single-operand CEToperations from different sets can be combined either into groups of single-operand CEToperations or into multi-operand CET-operations. This allows creating cryptographic networks based on groups of CET-operations or multi-operand CET-operations.

We will use a group of 2Ci-quanta single-operand CET-operations to define a set of singleoperand CET-operations to create a cryptographic network described in Figure 1 according to model (9). The group of 2Ci-quanta single-operand CET-operations is described in Table 1 [ 11 ]. Non-symmetrical single-operand CET-operations usable during creation of a cryptographic network are highlighted in grey. x2  C1.2 x  C7 x  C8/ x   x1 1. Expression below describes how addressee 1 encrypts data for

x2  1 addressee 3: C1.3 x  C8 x  C 7/ x   . Expression below describes how addressee 1 x1  encrypts data for addressee 4: C1.4 x  C10 x  C1/8 x  x2 .

x1  x2  Expression below describes how addressee encrypts data for addressee  . Expression below describes how addressee 3 encrypts data for

x2  1 addressee 4: C 3.4 x  C8 x  C 7/ x   . Expression below describes how addressee 3 x1  x1  x  encrypts data for addressee 5: C 3.5 x  C13 x  C1/1 x   2 . x2  1  Expression below describes how addressee 4 encrypts data for addressee 1: x1  x  C4.1x  C18 x  C1/0 x   2 . Expression below describes how addressee 4 encrypts data for x1 

x2  1 addressee 2: C 4.2 x  C8 x  C 7/ x   x1 . Expression below describes how addressee 4  x1  x2  encrypts data for addressee 3: C 4.3 x  C 7 x  C8/ x   . Expression below describes how x1 1 x1  x2 1 addressee 4 encrypts data for addressee 5: C 4.5 x  C11 x  C1/3 x   . x2 1  Expression below describes how addressee 5 encrypts data for addressee 2: x1  x  C5.2 x  C18 x  C1/0 x   2 . Expression below describes how addressee 5 encrypts data for x1  x2  1 addressee 3: C 5.3 x  C11 x  C1/3 x   . Expression below describes how addressee 5 x2  1  x1  x  encrypts data for addressee 4: C 5.4 x  C13 x  C1/1 x   2 . x2  1 

Addressee 1 encrypts data for addressee 5 by CET-operation C1.4 x  C10 x . If transmission occurs through addressee 3, then the following operation is valid: C5.3 C3.1 C1.4 x  x . If transmission occurs through addressee 4, then CET-operation C1.3 x  C 8 x is used for encryption and the following operation is valid: C5.4 C 4.1 C1.3 x  x .

Addressee 2 encrypts data for addressee 3 by CET-operation C 2.1 x  C8 x . Transmission occurs through addressee 5: C3.5 C5.2 C 2.1 x  x .

Addressee 3 encrypts data for addressee 2 by CET-operation C 3.1 x  C 7 x. Transmission occurs through addressee 5: C 2.5 C5.3 C3.1 x  x . occurs through addressee 2: C1.2 C 2.5 C5.3 x  x . If transmission occurs through addressee 4, then CET-operation C1.3 x  C 8 x is used for encryption and the following operation is valid: C5.4 C 4.1 C1.3 x  x . Table 2 shows all the described cryptographic relationships between addressees of cryptographic network (Figure 1). Models used for transformation of data through mediator are highlighted in grey. C1.3 C3.5 C5.2 x  x C1.3 C3.5 C5.2 x  x ―――

C1.2 x  C7 x

C1.3 x  C 8 x C1.4 x  C10 x C5.4 C4.1C1.3 x  x Addressee 2 C 2.1 x  C 8 x ―――

C3.5 C5.2 C2.1x  x

C 2.4 x  C 7 x

C 2.5 x  C 23 x Addressee 3 C 3.1 x  C 7 x C2.5 C5.3 C3.1x  x ―――

C 3.4 x  C 24 x C3.5 x  C19 x Addressee 4 C4.1x  C18 x C 4.2 x  C 8 x

C4.3 x  C15 x ――― Addressee 5 C1.2 C2.5 C5.3 x  x C5.2 x  C12 x C5.3 x  C22 x C 5.4 x  C13 x C4.5 x  C11 x

――― Addressee 1

x2  x1 1, якщо y1  0; y2  0 

Similarly, we will now create all other two-operand CET-operations used for implementation of a cryptographic network.

(y1  y2)x1  x2  y1  y2  C1.3(x, y)   (y1  y2)x1 (y1  y2)x2  y1 (y1  y2)x1  x2  y1  C1.4 (x, y)   (y1  y2)x1 (y1  y2)x2  y2

(y1  y2)x1  x2  y1  y2  C2.1(x, y)   (y1  y2)x1 (y1  y2)x2  y1 (y1  y2)x1 (y1  y2)x2  y2 C2.4(x, y)  x1 (y1  y2)x2  y1  y2 

(y1  y2)x1 (y1  y2)x2  y2

C2.5(x, y)  x1  y2 x2 (y1  y2)  (y1  y2)x1  x2  y1  y2  C4.1(x, y)   (y1  y2)x1 (y1  y2)x2  y1

(y1  y2)x1  x2  y1  C3.1(x, y)   (y1  y2)x1 (y1  y2)x2 (y1  y2) y1 x1  x2 (y1  y2)  C3.4(x, y)   (y1  y2)x1 (y1  y2)x2 (y1  y2) x1 (y1  y2)x2  y1  y2  C3.5(x, y)   (y1  y2)x1 (y1  y2)x2 (y1  y2) ( y1  y2 )  x1  x2  y1  y2  C4.3 ( x, y)    ( y1  y2 )  x1  y1  x2  ( y1  y2 )  y1  x1  ( y1  y2 )  x2 1  C4.5 ( x, y)    ( y1  y2 )  x1  ( y1  y2 )  x2  y2  through addressee 4, then the following operation is valid: C3.5 C5.2 C2.1 x, y, y, y  x .

Addressee 2 encrypts data for addressee 3 by CET-operation C 2,1( x , y ) . If transmission occurs through addressee 5, then the following operation is valid: C3.5 C5.2 C2.1 x, y, y, y  x .

Addressee 3 encrypts data for addressee 2 by CET-operation. If transmission occurs through addressee 5, then the following operation is valid: C 2.5 C5.3 C3.1 x, y, y, y  x .

Addressee 5 encrypts data for addressee 1 by CET-operation C 5,3( x , y ) . If transmission occurs through addressee 2, then the following operation is valid: C1.2 C2.5 C5.3 x, y, y, y  x .

If transmission occurs through addressee 4, then CET-operation C 1,3( x , y ) is used for encryption and the following operation is valid: C5.4 C 4.1 C1.3 x, y, y, y  x .

The correctness of these models is easily validated if the value of the second operand is fixed(y). We can thus conclude that a cryptographic network created based on two-operand CET-operations can function properly when addressees operate with identical pseudorandom (key) sequences.

Data security in computer networks based on implementing cryptographic data security systems greatly increases the complexity of the generic data security system. It occurs because this approach does not take into account the structure and architecture of computer or telecommunication network requiring protection. Adapting data security system to structure and architecture of a network is possible based on cryptographic systems with a mediator [ 11 ].

We define a cryptographic network as a cryptographic system adapted for data security in computer or telecommunication networks based on encryption, decryption, and re-encryption of data. We also define CET-encryption as a theoretical foundation for creating cryptographic networks [ 11 ]. Addressees can operate with different CET-encryption algorithms and use them jointly to create closed communications links. This reduces the complexity of implementing a cryptographic network. Reduction of complexity is explained by the fact that the number of algorithms used by each addressee (graph node) is proportional to the number of connected communications links (edges), and not the number of system addressees.

CET-encryption is a branch of lightweight post quantum cryptography [ 13 ]. Thus, we can consider cryptographic networks as a type of lightweight post quantum data security systems.

Theoretical possibility of creating a cryptographic network [ 11 ] can only be proven by a practical attempt to create the said network.

Our simulation experience conducted based on the created network model has, however, proven the correctness of theoretical recommendations and hypotheses [ 11 ]. We have used a group of 2Ciquanta CET-operations (operations in field G4 ) during our experiment. As a result, we have acquired  3,9 10 6 number of options for implementing a cryptographic network based on singleoperand CET-operations. We have acquired this result based on just 24 operations from the group. Thus, we have decided not to use a group of 3Ci-quanta CET-operations (40320 operations in the field G8 ), or a group of 4Ci-quanta CET-operations (16! operations in the field G16 ) during our experiment.

The quantity of acquired sets applicable to implementing a cryptographic network allows us to combine single-operand CET-operations into multi-operand operations. Multi-operand CEToperations are highly recommended for use during creation of both cryptographic systems and networks due to the great increase in the cryptographic integrity and variance of cryptographic transformations. In cryptographic networks these operations are also applicable to implementing different stream encryption technologies based on CET-encryption [ 11 ]. According to defined limitations, non-symmetrical CET-operations, including commutative, non-commutative and mutually inverse, can be used during creation of a cryptographic network [ 11–13 ]. Overall, the acquired results apply to creating lightweight cryptographic networks for securing data in mobile or stationary computer and telecommunication networks [17–20].

We would like to note, that the attributes of any multi-operand CET-operation are defined by the attributes of a set of single-operand CET-operations used to create it. During creation of a cryptographic network, however, the sets of single-operand CET-operations required for ensuring proper operation are defined pseudorandomly based on sorting. This is because a cryptographic network is impossible to synthesize with predefined attributes of cryptographic transformation. We believe this to be the primary downside of this research. Nevertheless, it is possible to address this by implementing additional limitations into the model of a cryptographic network. These limitations are related to the attributes of single-operand operations and attributes of the result of the recurring cryptographic transformation.

We consider moving from cryptographic systems to cryptographic networks for securing data in computer and telecommunication networks the next stage in the development of cryptography. Utilization of generic cryptographic systems and cryptographic systems with mediators based on CET-operations lays the foundation for creating cryptographic networks while taking into account their structure and architecture.

We define technology applicable to the development of a cryptographic network with defined architecture as a development sequence of a model of limitations for functioning of a cryptographic network, as well as a sequence of defining sets of CET-operations.

A cryptographic network is less complex in terms of configuration in comparison to sets of cryptographic systems. It also greatly increases the number of options and combinations of network construction. In addition, network addressees can modify cryptograms, thus further increasing the variability of an algorithm used for ensuring network functioning. The dependence of both the model of cryptographic network and CET-operations sets on network structure and architecture creates additional obstacles for hackers. Finally, there are numerous options for solving a model of cryptographic network. This provides an option to apply multiple-key technologies of stream encryption based on the non-symmetrical commutative and non-commutative CET-operations.

We suggest further research to improve cryptographic network modeling to identify ways of defining sets of CET-operations with predefined attributes.

While preparing this work, the authors used the AI programs Grammarly Pro to correct text grammar and Strike Plagiarism to search for possible plagiarism. After using this tool, the authors reviewed and edited the content as needed and took full responsibility for the publication’s content. [14] P. Vorobets, et al., Implementing Post-Quantum KEMs: Practical Challenges and Solutions, in: Cybersecurity Providing in Information and Telecommunication Systems II (CPITS-II 2024), 3826, 2024, 212–219. [15] Y. Sovyn, et al., Minimization of Bitsliced Representation of 4×4 S-Boxes based on Ternary Logic Instruction, in: Cybersecurity Providing in Information and Telecommunication Systems, 3421, 2023, 12–24. [16] I. Opirskyy, et al., Evaluation of the Possibility of Realizing the Crime of the Information System at Different Stages of TCP/IP, in: IEEE 4th Int. Conf. Adv. Inf. Commun. Technol. (AICT), 2021, 261–265. doi:10.1109/AICT52120.2021.9628936 [17] A. Ilyenko, et al., Practical Aspects of Using Fully Homomorphic Encryption Systems to Protect Cloud Computing, in: Cybersecurity Providing in Information and Telecommunication Systems II, vol. 3550 (2023) 226-233. [18] R. Chernenko, et al., Encryption Method for Systems with Limited Computing Resources, in: Cybersecurity Providing in Information and Telecommunication Systems, vol. 3288 (2022) 142-148. [19] M. Iavich, et al., Classical and Post-Quantum Encryption for GDPR, in: Classic, Quantum, and

Post-Quantum Cryptography, vol. 3829 (2024) 70–78. [20] A. Horpenyuk, I. Opirskyy, P. Vorobets, Analysis of Problems and Prospects of Implementation of Post-Quantum Cryptographic Algorithms, in: Classic, Quantum, and PostQuantum Cryptography, 3504, 2023, pp. 39–49.