<!DOCTYPE article PUBLIC "-//NLM//DTD JATS (Z39.96) Journal Archiving and Interchange DTD v1.0 20120330//EN" "JATS-archivearticle1.dtd">
<article xmlns:xlink="http://www.w3.org/1999/xlink">
  <front>
    <journal-meta />
    <article-meta>
      <title-group>
        <article-title>Cryptographic Key Exchange Method for Data Factorial Coding</article-title>
      </title-group>
      <contrib-group>
        <aff id="aff0">
          <label>0</label>
          <institution>Cherkasy State Technological University</institution>
          ,
          <addr-line>Cherkasy</addr-line>
          ,
          <country country="UA">Ukraine</country>
        </aff>
        <aff id="aff1">
          <label>1</label>
          <institution>O.S. Popov Odessa National Academy of Telecommunication</institution>
          ,
          <addr-line>Odessa</addr-line>
          ,
          <country country="UA">Ukraine</country>
        </aff>
        <aff id="aff2">
          <label>2</label>
          <institution>Taras Shevchenko National University of Kyiv</institution>
          ,
          <addr-line>Kyiv</addr-line>
          ,
          <country country="UA">Ukraine</country>
        </aff>
      </contrib-group>
      <pub-date>
        <year>2046</year>
      </pub-date>
      <fpage>0000</fpage>
      <lpage>0002</lpage>
      <abstract>
        <p>The paper proposes a new cryptographic key exchange method. The basic idea of the proposed method is to use a permutation of a given set as a transformation object. The mathematical background of the method is the property of permutations to be decomposed into the product of disjoint cycles, the property of unique factorization of the product of disjoint cycles raised to the powers smaller than their order, and the complexity of factorization of the product of permutations whose cycles are noncommutative. The conditions to be met by the transformation parameters are defined. The concepts of cycleand block-noncommutative permutations are introduced. These properties of two permutations known to all participants in information exchange are sufficient for the correct operation of the method. The key space cardinality of the values of cycles' exponents of two open permutations is investigated. It is shown that this cardinality is maximized if the disjoint cycles in the decomposition of open permutations are 3-cycles. The block diagram of a cryptographic system that implements the proposed method is investigated. Its work is described. The proposed method and system make it possible to generate a cryptographic key for information factorial coding without using a secure communication channel. They can also be used to form a non-permutation key.</p>
      </abstract>
      <kwd-group>
        <kwd>cryptography</kwd>
        <kwd>method</kwd>
        <kwd>key exchange</kwd>
        <kwd>permutation</kwd>
        <kwd>factorial coding</kwd>
      </kwd-group>
    </article-meta>
  </front>
  <body>
    <sec id="sec-1">
      <title>-</title>
      <p>Several information security tasks, such as providing authentication, confidentiality,
and integrity, are solved simultaneously when transmitting information in
communication systems and systems of managing various technological processes. In
particular, this is observed when transporting information arrays through noisy
communication channels, including through tunneled protocols on computer networks. A separate
solution of these tasks is associated with the use of different mathematical methods
and algorithms. This leads to an increase in the load on means of information
transforming and requirements for their productivity, to an increase in introduced
redundancy, and, as a consequence, to a decrease of a relative transmission rate. These</p>
      <p>circumstances actualize the problem of providing information security during its
storing and transmitting in telecommunication systems and networks by integrating
channel coding and cryptographic security methods.</p>
      <p>
        The factorial coding methodology [
        <xref ref-type="bibr" rid="ref1">1</xref>
        ] provides creation and study of methods for
combining the following types of data protection in a single procedure:
 protection against errors caused by noise in communication channel;
 protection against unauthorized data modification;
 protection against unauthorized data access.
      </p>
      <p>
        Separable factorial codes (FC) [
        <xref ref-type="bibr" rid="ref2 ref3">2, 3</xref>
        ] provide information integrity control and do
not ensure its confidentiality. Code combinations of such codes contain separate
information and control parts. The control part is a permutation  or its part. A
permutation of a set of M elements is a bijection from a finite set X of cardinality M into
itself. We denote the elements of a finite set X by nonnegative integers from 0 to
M 1 . Then X  0,1, , M 1 and the permutation  will be written as a
sequence of elements of the set X , where each of the numbers 0,1, , M 1 is
applied only once (without gaps and repetitions).
      </p>
      <p>
        Non-separable FCs [
        <xref ref-type="bibr" rid="ref4 ref5 ref6">4-6</xref>
        ] provide protection against unauthorized data access and
are able to detect and correct a significant part of errors. Code combinations of such
codes are formed by converting an information word A x into a permutation  .
They do not have separate information and control parts (as, for example, CRC codes
have). In addition, non-separable FCs are self-synchronizing codes. A
selfsynchronization property of the code removes the problem of frame synchronization
and eliminates the need for a delimiter in a data block header structure. Because of
this, an amount of redundancy introduced during coding is reduced.
      </p>
      <p>The key sequences for factorial coding methods are permutations. These key
permutations are kept secret.</p>
      <p>When encoding and decoding factorial codes, the same permutation is used.
Therefore, factorial coding methods have the disadvantage of symmetric cryptographic
transformation, such as the need to form a secret communication channel to transmit
key data.</p>
      <p>
        In [
        <xref ref-type="bibr" rid="ref7">7</xref>
        ], Whitfield Diffie and Martin Hellman proposed the first and the best-known
key agreement method. This method and the corresponding cryptographic device is
patented in the US with Ralph Merkle [
        <xref ref-type="bibr" rid="ref8">8</xref>
        ]. The proposed protocol (known as the
Diffie-Hellman key exchange) allows two parties to form a shared secret key based on
their own secret keys and each other's public keys. Cryptanalyst knows only public
keys of two parties. He is unable to calculate their shared secret key within an
acceptable amount of time and limited performance of computing facilities.
      </p>
      <p>
        This method uses a vulnerable to eavesdropping channel. However, it does not
provide user authentication. Therefore, it is vulnerable to the man-in-the-middle
attack. To solve this problem, a number of modifications to the method have been
proposed. In particular, they are outlined in [
        <xref ref-type="bibr" rid="ref10 ref9">9, 10</xref>
        ].
      </p>
      <p>
        A cryptographic strength of the Diffie-Hellman protocol and its modifications, as
well as the El Gamal algorithm [
        <xref ref-type="bibr" rid="ref11">11</xref>
        ], is based on the complexity of the discrete
logarithm problem. At the same time, quantum computers using the Shore algorithm [
        <xref ref-type="bibr" rid="ref12">12</xref>
        ]
will easily solve the problems of discrete logarithmization and factorization of
integers.
      </p>
      <p>
        To date, a number of post-quantum key exchange protocols have been developed,
including Supersingular isogeny Diffie–Hellman key exchange [
        <xref ref-type="bibr" rid="ref13">13</xref>
        ], NTRU [
        <xref ref-type="bibr" rid="ref14">14</xref>
        ],
Ring Learning with Errors Key Exchange [
        <xref ref-type="bibr" rid="ref15">15</xref>
        ].
      </p>
      <p>
        One of the most promising modern research areas in the field of cryptographic key
exchange is their quantum distribution [
        <xref ref-type="bibr" rid="ref16 ref17 ref18">16-18</xref>
        ]. However, to date, this direction has
limitations on transmission distance and communication network structure. In
addition, all of the above key exchange methods are not adapted for data factorial coding
that uses permutations.
      </p>
      <p>
        The purpose of this work is to provide the ability to generate cryptographic keys
for data factorial coding without using a secret communication channel. The key
exchange method should have the prerequisites for use in post-quantum
cryptography [
        <xref ref-type="bibr" rid="ref19 ref20 ref21 ref22 ref23 ref24 ref25">19-25</xref>
        ].
      </p>
      <p>The work is organized as follows. In Section 2, we describe our cryptographic key
exchange method. In Section 3, we analyze a key space cardinality and conditions to
its maximization. A cryptographic system and a description of its work are given in
Section 4. In the last section, we present the conclusion.
2</p>
    </sec>
    <sec id="sec-2">
      <title>Construction of Cryptographic Key Exchange Method</title>
      <p>The essence of the proposed approach is the following.</p>
      <p> Each exchange party generates a shared key by converting permutations
received from the other party. In this case, the direct transformations of permutations on
each party of information exchange are easy to implement, and the inverse
transformations are almost impossible to implement.</p>
      <p> The generated key is used for data factorial coding during forward and reverse
transformations of messages transmitted by an insecure communication channel.</p>
      <p>The method for factorial coding key exchange over an open channel involves the
following procedures.</p>
      <p> Two parties Alice and Bob know two permutations,  and  , and their
den  n 
compositions into the products of disjoint cycles:   i ,    j .
i1 j1
 Alice generates a random secret key in the form of two vectors
k  k1, k2 , , kn   and m  m1, m2 , , mn   of dimensions n   and n   ,
moreover 0  ki  l i  1 , 0  m j  l  j  1 , where l  i  , l  j  are the
orders of cycles  i and  j , respectively.
 Bob generates another random secret key in the form of two vectors
t  t1, t2 , , tn   and s   s1, s2 , , sn   of dimensions n   and n   , and
0  ti  l i  1 , 0  sj  l  j  1 .
n  n 
 Alice forms a permutation Y1   1 1 , where  1   iki , 1   jmj . Sends
i1 j1
Y1 to Bob.</p>
      <sec id="sec-2-1">
        <title>Y2 to Alice.</title>
        <p>n  n 
 Bob forms a permutation Y2   2 2 , where  2   iti , 2   jsj . Sends
i1 j1
 Receiving Y1 , Bob computes the shared key K   2 Y1 2 . Once getting Y ,
2
Alice obtains K   1 Y2 1 .</p>
        <p>The above operations and the procedure for their implementation ensure the
achievement of the claimed technical result. It consists in the possibility of data
factorial coding with its secure transmission over an insecure communication channel
without prearrangement of a cryptographic key over a secret channel. This is possible
because each party in the exchange of information independently forms a shared key
on its side.</p>
        <p>The proposed method is suitable for practical implementation.</p>
        <p>Correctness. We now show that if Alice and Bob do the above steps, they will
share an identical key K .</p>
        <p>Alice computes K1 1 Y2 1 1   2 2  1 and Bob computes
K2  2 Y1 2  2  1 1  2 . Because of the property of associativity of
reflections,</p>
        <p>K1 1  2 2  1  1  2   2 1 
K2  2  1 1  2   2 1   1 2  . Since
n 
 1  2   2  1   iki ti
i1
and
and
n 
1 2  2 1   jmj sj , K1  K2  K .</p>
        <p>j1</p>
        <p>Necessary conditions. We now determine the conditions that the conversion
parameters must satisfy.</p>
        <p>First, a cryptanalyst should not be able to easily calculate the values of k , m , t ,
and s by the known values of Y1 and Y2 . Second, the pairs of values  k; m , t; s 
must mutually uniquely determine Y1 and Y2 , respectively, that is k; m  Y1
and t; s  Y2 .</p>
        <sec id="sec-2-1-1">
          <title>We introduce the following definitions.</title>
          <p>Definition 1. Permutations  and  are called cycle-noncommutative if the
den  n 
compositions into the product of disjoint cycles    i ,    j have the
i1 j1
property  i j   j i for i, j .</p>
          <p>The property of cycle-noncommutativity of permutations  and  is sufficient to
provide a high degree of mixing elements in the products  1 1 and  2 2 . This
complicates the cryptanalyst work.</p>
          <p>Unique factorization property (condition of bijections k; m  Y1 and
t; s  Y2 ).</p>
          <p>n  n 
Let permutations    i and    j be cycle-noncommutative. Then the
i1 j1
n  n  n  n 
permutation Y1   1 1   iki   jmj (or Y2   2 2   iti   jsj ) is
mutui1 j1 i1 j1
ally uniquely determined by specifying the powers k  k1, k2 , , kn   and
m  m1, m2 , , mn   (or t  t1, t2 , , tn   and s   s1, s2 , , sn   ) if:
1. l i   2n  1, l  j   2n   1 for i, j ;
2. 0  ki  l i  1 , 0  m j  l  j  1 for i, j .</p>
        </sec>
        <sec id="sec-2-1-2">
          <title>These conditions are sufficient.</title>
          <p>Definition 2. Let permutations  and  be represented as the products of disjoint
cycles:</p>
          <p> 1  i1 i11  i2  iL11  iL  A1  A2   AL ,
  1   j1  j1 1   j2   jL1 1   jL  B1  B2   BL , where
Al il11  il , Bl   jl11   jl , 1  l  L , i0  0 , j0  0 . Then the
permutations  and  are called block-noncommutative if inequalities  i j   j i , where
il1 1  i  il , jl1 1  j  jl , are true for each pair of blocks Al ; Bl  , 1  l  L .</p>
          <p>The condition of block-noncommutativity of permutations  and  is more
lenient than the condition of cycle-noncommutativity. At the same time, it implies
cyclenoncommutativity between the corresponding blocks of permutations  and  and
allows the elements within the blocks to be mixed in the results of the products  1 1
and  2 2 .</p>
          <p>Remark. Block-noncommutativity of permutations  and  retains the property
n  n 
of unique factorization of permutations of the type Y      iti   jsj if each
i1 j1
block Al ; Bl  , 1  l  L , is uniquely factorized.
3</p>
        </sec>
      </sec>
    </sec>
    <sec id="sec-3">
      <title>Key Space Cardinality</title>
      <p>We now evaluate a cardinality of key space for the proposed key exchange method. A
secret key to a cryptosystem is a tuple  k, m, t, s  consisting of two pairs of vectors
that are Alice’s and Bob’s secret
k  k1, k2 , , kn  


m  m1, m2 , , mn  
</p>
      <p>t  t1, t2 , , tn  
and 
s   s1, s2 , , sn  

keys.</p>
      <p>The
following
conditions
must
be
met:
0  mj , sj  l  j  1 , where l  i  , l  j  are the orders of cycles  i and  j ,
respectively. Then the key space cardinality is equal to
n  2 n  2  n  n  2
  l  i   l  j    l  i   l  j   .</p>
      <p>i1 j1  i1 j1 </p>
      <p>We define the conditions under which the value  will be maximized. Since the
order of cyclic permutation is equal to its length, the following equalities are true:
n  n 
 l  i   M   and  l  j   M   , where M   and M   are the lengths
i1 j1
0  ki ,ti  l i  1,
of
permutations

and
 , respectively.</p>
      <p>Then
n 
 l  i   max
i1
and
n 
l  j   max , when l i   M   n  and l  j   M   n   for i, j
j1
,
as
well
n    M   e
and
n   M   e .</p>
      <sec id="sec-3-1">
        <title>Because</title>
        <p> n  n  2
M  , M  , n , n ,l  ,l    Z , then    l  i   l  j    max ,
 i1 j1 
when M   mod 3  0 , M   mod 3  0 , n   M   3 , n   M   3 , and
l i   l  j   3 for i, j . Then   32n n   32M  M   3 .</p>
        <p>Thus, to achieve the maximum of key space cardinality, it is necessary to form
permutations  and  as the product of disjoint 3-cycles. Under these conditions,
the cardinality of the space of possible permutation 
values is equal to
    3n   M  !. The cardinality of the space of possible permutation 
values depends on a method for its forming and requires additional research.</p>
        <p>Consider a few examples.</p>
        <p>Example 1. A permutation  cycle-noncommutative to a permutation  can be
formed for M    M   as follows. Each of the cycles  j , 1  j  n   ,
contains one randomly selected element from each of the cycles  i , 1  i  n  . If
l i   3 , then n    3 and l  j   n   for j . Then the cardinality of the
space of possible permutation </p>
        <p>values is equal to     3!n  . Note that
l  j   3 for j is possible only when n   n   3 .</p>
        <p>Example 2. A method of forming a permutation  block-noncommutative to a
permutation  may be as follows. Disjoint cycles are grouped into blocks of three:
1, 2 , 3  ,  4 , 5 , 6  , ,  i , i1, i2 , ,  n 2 , n 1, n   . The first
element of a cycle  i is selected randomly from the elements of a cycle  i , the second
element – from the elements of a cycle  i1 , and the third – from a cycle  i2 . The
first element of a cycle i1 is randomly selected from the rest of the elements of a
cycle  i , the second element – from the rest elements of a cycle  i1 , and the third –
from a cycle  i2 . The elements of a cycle  i2 are uniquely defined. Note that this
method of forming  requires n   0 . Then the cardinality of the space of
pos3
sible permutation  values is equal to     3!3 n  3  3!n  .
4</p>
      </sec>
    </sec>
    <sec id="sec-4">
      <title>Cryptographic System Description</title>
      <p>The method for factorial coding key exchange can be implemented in a cryptographic
system, a block diagram of which is shown in Fig. 1.</p>
      <p>Two-way communication between Alice 1 and Bob 2 is exchanged on an open
insecure duplex (half-duplex) communication channel 7 using transceivers 6 and 8.
Alice and Bob have factorial codecs 3 and 9, shared key generators 4 and 10, as well
as their own secret key generators 5 and 11, respectively. Let Alice creates a plaintext
So . Then codecs 3 and 9 perform transformations FCK So  and FCK1 (the opposite
of transformation FCK ), respectively. These transformations depend on the shared
key, permutation K . Factorial codec 5 generates a codeword CW , which is
transmitted by transceiver 6 through the open channel 7 to the Bob’s transceiver 8. The
codeword CW is decoded in the codec 9.</p>
      <p>Own key generators 5 and 11 are independent generators based on random or
pseudorandom processes. Alice’s key generator 5 creates four signals:  , , k, m . The
requirements for these variables are described above. Two permutations  and 
are sent over the insecure communication channel 7 to the Bob’s shared key generator
10. Vectors k, m are transmitted to the shared key generator 4 and are kept secret by
Alice. Bob’s own key generator 11 generates two signals t, s and transmits them to
the shared key generator 10. Vectors t and s are keep secret by Bob.</p>
      <p>So</p>
      <p>Factorial codec</p>
      <p>3</p>
      <p>K
Shared key
gene4rator
 , ,k,m</p>
      <p>Own key
gene5rator</p>
      <p>CW
 , ,Y1</p>
      <p>Y2
Alice 1</p>
      <sec id="sec-4-1">
        <title>Trans6ceiver</title>
        <p>Insecure
communication
channel
7</p>
      </sec>
      <sec id="sec-4-2">
        <title>Trans8ceiver</title>
        <p>CW
 , ,Y1</p>
        <p>Y2</p>
        <p>Factorial codec</p>
        <p>9</p>
        <p>K
Shared key
generator</p>
        <p>10
t,s
Own key
generator
11</p>
        <p>Bob 2</p>
        <p>So</p>
        <p>The shared key generators 4 and 10 form a common transformation key K . For
this, the shared key generator 4 generates a signal Y1 based on the values of signals
 , , k, m and transmits it to the shared key generator 10. In turn, the shared key
generator 10 generates a signal Y2 based on the values of signals  , ,t, s and
transmits it to the shared key generator 4. Direct calculating of Y1 and Y2 values does not
cause difficulties. Inverse calculating of k and m values from known  ,  , and Y1
, as well as t and s from known  ,  , and Y2 is practically impossible.</p>
        <p>Signal Y1 is formed in such a way as to correspond to the permutation on the set
0,1, , M 1 formed by the product of the other two permutations,  1 and 1 . The
permutation  1 is formed by exponentiation of permutation elements, which values
are transmitted by signal  , to powers, which values are transmitted by signal
k  k1, k2 , , kn   . The permutation 1 is formed by exponentiation of permutation
elements, which values are transmitted by signal  , to powers, which values are
transmitted by signal m  m1, m2 , , mn   .</p>
        <p>Signal Y2 is formed in such a way as to correspond to the permutation on the set
0,1, , M 1 formed by the product of the other two permutations,  2 and 2 . The
permutation  2 is formed by exponentiation of permutation elements, which values
are transmitted by signal  , to powers, which values are transmitted by signal
t  t1, t2 , , tn   . The permutation 2 is formed by exponentiation of permutation
elements, which values are transmitted by signal  , to powers, which values are
transmitted by signal s   s1, s2 , , sn   .</p>
        <p>Receiving signal Y2 , the shared key generator 4 generates a signal K . It
corresponds to the permutation formed by the product of permutations transmitted by
signals  1 , Y2 , and 1 , and strictly in that order, K   1 Y2 1 . Symbolically, the
process of calculating a shared key by Alice can be represented as follows:
n  n 
K   1 Y2 1   1   2 2  1   1  2   2 1    iki ti   jmj sj .
i1 j1
Receiving signal Y1 , the shared key generator 10 generates a signal K . It corresponds
to the permutation formed by the product of permutations transmitted by signals  2 ,
Y1 , and 2 , and strictly in that order, K   2 Y1 2 . Symbolically, the process of
calculating a shared key by Bob can be represented as follows:
n  n 
K   2 Y1 2   2   1 1  2   1  2   2 1    iki ti   jmj sj .
i1 j1
Signals K corresponding to the same permutation key formed by the shared key
generators 4 and 10, are transmitted to the inputs of the codecs 3 and 9. There they are
used to encode a plaintext So and decode a codeword CW , respectively.</p>
        <p>
          Similar to [
          <xref ref-type="bibr" rid="ref8">8</xref>
          ], we can show that the scheme of practical implementation of the
proposed method may be different from shown in Fig. 1. Signals  and  may be in
the public domain and not generated by the key generator of one of the parties. In
addition, there may be significantly more than two parties. It is then advisable to place
the value Yi of the i -th party to an open directory, a public file or directory, rather
than transmit it between users each time. In this case, the two parties, i and j , that
establish a secure connection form a shared encryption key by computing
Kij   i Yj i and K ji   j Yi  j .
5
        </p>
      </sec>
    </sec>
    <sec id="sec-5">
      <title>Conclusions</title>
      <p>The proposed key exchange method allows forming a symmetric key, permutation,
for data factorial coding without using a secure communication channel.</p>
      <p>This method can be used not only for factorial coding tasks. This is explained by
the fact that the obtained permutation, being the key for factorial code, corresponds to
a certain number in the factorial number system. This number can easily be
represented in any other number system (binary, decimal, etc.).</p>
      <p>A detailed study of the cryptographic strength of the proposed key exchange
method is an area for further research in this field.</p>
    </sec>
    <sec id="sec-6">
      <title>Acknowledgments</title>
      <p>The authors express their sincere appreciation to Ph.D., Associate Professor,
Honorary Professor of Cherkasy State Technological University Valerii Shvydkyi for the
full support of this area of work, constructive comments and suggestions when
writing the work, and useful discussion of the results.</p>
    </sec>
  </body>
  <back>
    <ref-list>
      <ref id="ref1">
        <mixed-citation>
          1.
          <string-name>
            <surname>Faure</surname>
          </string-name>
          , E.:
          <article-title>Methodology of information security based on factorial data coding</article-title>
          .
          <source>Dr. Sc. Eng. Thesis</source>
          , National Aviation University, Kyiv, Ukraine (
          <year>2018</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref2">
        <mixed-citation>
          2.
          <string-name>
            <surname>Faure</surname>
            ,
            <given-names>E.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Shvydkyi</surname>
            ,
            <given-names>V.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Shcherba</surname>
            ,
            <given-names>A.</given-names>
          </string-name>
          :
          <article-title>Information integrity control based on factorial number system</article-title>
          .
          <source>Journal of Baku engineering university - Mathematics and computer science 1(1)</source>
          ,
          <fpage>3</fpage>
          -
          <lpage>13</lpage>
          (
          <year>2017</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref3">
        <mixed-citation>
          3.
          <string-name>
            <surname>Faure</surname>
            ,
            <given-names>E.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Shvydkyi</surname>
            ,
            <given-names>V.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Shcherba</surname>
            ,
            <given-names>V.</given-names>
          </string-name>
          :
          <article-title>Combined factorial coding and its properties</article-title>
          .
          <source>Radio Electronics, Computer Science, Control</source>
          <volume>3</volume>
          ,
          <fpage>80</fpage>
          -
          <lpage>86</lpage>
          (
          <year>2016</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref4">
        <mixed-citation>
          4.
          <string-name>
            <surname>Faure</surname>
          </string-name>
          , E.:
          <article-title>Factorial coding with data recovery</article-title>
          .
          <source>Visnyk Cherkaskogo derzhavnogo tehnologichnogo universitetu 2</source>
          ,
          <fpage>33</fpage>
          -
          <lpage>39</lpage>
          (
          <year>2016</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref5">
        <mixed-citation>
          5.
          <string-name>
            <surname>Faure</surname>
          </string-name>
          , E.:
          <article-title>Factorial coding with error correction</article-title>
          .
          <source>Radio Electronics, Computer Science, Control</source>
          <volume>3</volume>
          ,
          <fpage>130</fpage>
          -
          <lpage>138</lpage>
          (
          <year>2017</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref6">
        <mixed-citation>
          6.
          <string-name>
            <surname>Faure</surname>
            ,
            <given-names>E.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Shcherba</surname>
            ,
            <given-names>A.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Kharin</surname>
            ,
            <given-names>A.</given-names>
          </string-name>
          :
          <article-title>Factorial code with a given number of inversions</article-title>
          .
          <source>Radio Electronics, Computer Science, Control</source>
          <volume>2</volume>
          ,
          <fpage>143</fpage>
          -
          <lpage>153</lpage>
          (
          <year>2018</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref7">
        <mixed-citation>
          7.
          <string-name>
            <surname>Diffie</surname>
            ,
            <given-names>W.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Hellman</surname>
            ,
            <given-names>M.</given-names>
          </string-name>
          :
          <article-title>New directions in cryptography</article-title>
          .
          <source>IEEE Transactions on Information Theory (6)</source>
          ,
          <fpage>644</fpage>
          -
          <lpage>654</lpage>
          (
          <year>1976</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref8">
        <mixed-citation>
          8.
          <string-name>
            <surname>Hellman</surname>
            ,
            <given-names>M.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Diffie</surname>
            ,
            <given-names>W.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Merkle</surname>
          </string-name>
          , R.:
          <article-title>Cryptographic apparatus and method</article-title>
          .
          <source>US Patent 4</source>
          ,
          <issue>200</issue>
          ,
          <issue>770</issue>
          (
          <year>1980</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref9">
        <mixed-citation>
          9.
          <string-name>
            <surname>Günther</surname>
            ,
            <given-names>C.</given-names>
          </string-name>
          :
          <article-title>An identity-based key-exchange protocol</article-title>
          .
          <source>Advances in Cryptology - Eurocrypt 89, 1989. Lecture Notes in Computer Science</source>
          , vol.
          <volume>434</volume>
          , pp.
          <fpage>29</fpage>
          -
          <lpage>37</lpage>
          . SpringerVerlag, Berlin/New York (
          <year>1989</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref10">
        <mixed-citation>
          10.
          <string-name>
            <surname>Diffie</surname>
            , W., van Oorschot,
            <given-names>P.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Wiener</surname>
            ,
            <given-names>M.</given-names>
          </string-name>
          :
          <article-title>Authentication and authenticated key exchanges</article-title>
          .
          <source>Designs, Codes and Cryptography</source>
          <volume>2</volume>
          (
          <issue>2</issue>
          ),
          <fpage>107</fpage>
          -
          <lpage>125</lpage>
          (
          <year>1992</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref11">
        <mixed-citation>
          11.
          <string-name>
            <surname>ElGamal</surname>
          </string-name>
          , T.:
          <article-title>A public-key cryptosystem and a signature scheme based on discrete logarithms</article-title>
          .
          <source>IEEE Transactions on Information Theory</source>
          <volume>31</volume>
          (
          <issue>4</issue>
          ),
          <fpage>469</fpage>
          -
          <lpage>472</lpage>
          (
          <year>1985</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref12">
        <mixed-citation>
          12.
          <string-name>
            <surname>Shor</surname>
            ,
            <given-names>P.</given-names>
          </string-name>
          :
          <article-title>Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer</article-title>
          .
          <source>SIAM Journal on Computing</source>
          <volume>26</volume>
          (
          <issue>5</issue>
          ),
          <fpage>1484</fpage>
          -
          <lpage>1509</lpage>
          (
          <year>1997</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref13">
        <mixed-citation>
          13.
          <string-name>
            <surname>Jao</surname>
            <given-names>D.</given-names>
          </string-name>
          , De Feo L.:
          <article-title>Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies</article-title>
          .
          <source>In: Yang BY</source>
          .
          <article-title>(eds) Post-Quantum Cryptography</article-title>
          .
          <source>PQCrypto 2011. Lecture Notes in Computer Science</source>
          , vol.
          <volume>7071</volume>
          , pp.
          <fpage>19</fpage>
          -
          <lpage>34</lpage>
          . Springer, Berlin, Heidelberg (
          <year>2011</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref14">
        <mixed-citation>
          14.
          <article-title>Initial recommendations of long-term secure post-quantum systems</article-title>
          .
          <source>PQCRYPTO.EU. Horizon 2020 ICT-645622.</source>
        </mixed-citation>
      </ref>
      <ref id="ref15">
        <mixed-citation>
          15.
          <string-name>
            <surname>Ding</surname>
            ,
            <given-names>J.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Xie</surname>
            ,
            <given-names>X.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Lin</surname>
            ,
            <given-names>X.</given-names>
          </string-name>
          :
          <article-title>A simple provably secure key exchange scheme based on the learning with errors problem</article-title>
          .
          <source>Cryptology ePrint Archive, Report</source>
          <year>2012</year>
          /688 (
          <year>2014</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref16">
        <mixed-citation>
          16.
          <string-name>
            <surname>Folger</surname>
            ,
            <given-names>T.</given-names>
          </string-name>
          :
          <article-title>The quantum hack</article-title>
          .
          <source>Scientific American</source>
          <volume>314</volume>
          ,
          <fpage>48</fpage>
          -
          <lpage>55</lpage>
          (
          <year>2016</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref17">
        <mixed-citation>
          17.
          <string-name>
            <surname>Korchenko</surname>
            ,
            <given-names>O.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Vasiliu</surname>
          </string-name>
          , Ye.,
          <string-name>
            <surname>Gnatyuk</surname>
            ,
            <given-names>S.</given-names>
          </string-name>
          :
          <article-title>Modern quantum technologies of information security against cyberterrorist attacks</article-title>
          ,
          <source>Aviation</source>
          <volume>14</volume>
          (
          <issue>2</issue>
          ),
          <fpage>58</fpage>
          -
          <lpage>69</lpage>
          (
          <year>2010</year>
          ).
        </mixed-citation>
      </ref>
      <ref id="ref18">
        <mixed-citation>
          18. S. Gnatyuk,
          <string-name>
            <given-names>T.</given-names>
            <surname>Zhmurko</surname>
          </string-name>
          ,
          <string-name>
            <given-names>P.</given-names>
            <surname>Falat</surname>
          </string-name>
          ,
          <article-title>Efficiency Increasing Method for Quantum Secure Direct Communication Protocols</article-title>
          ,
          <source>Proceedings of the 2015 IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications</source>
          (IDAACS'
          <year>2015</year>
          ), Warsaw, Poland,
          <source>September 24-26</source>
          , Vol.
          <volume>1</volume>
          ,
          <year>2015</year>
          , рр.
          <fpage>468</fpage>
          -
          <lpage>472</lpage>
          .
        </mixed-citation>
      </ref>
      <ref id="ref19">
        <mixed-citation>
          19.
          <string-name>
            <given-names>S.</given-names>
            <surname>Gnatyuk</surname>
          </string-name>
          ,
          <string-name>
            <given-names>A.</given-names>
            <surname>Okhrimenko</surname>
          </string-name>
          ,
          <string-name>
            <given-names>M.</given-names>
            <surname>Kovtun</surname>
          </string-name>
          ,
          <string-name>
            <given-names>T.</given-names>
            <surname>Gancarczyk</surname>
          </string-name>
          ,
          <string-name>
            <given-names>V.</given-names>
            <surname>Karpinskyi</surname>
          </string-name>
          ,
          <article-title>Method of Algorithm Building for Modular Reducing by Irreducible Polynomial</article-title>
          ,
          <source>Proceedings of the 16th International Conference on Control, Automation and Systems</source>
          , Oct.
          <volume>16</volume>
          -
          <fpage>19</fpage>
          , Gyeongju, Korea,
          <year>2016</year>
          , рр.
          <fpage>1476</fpage>
          -
          <lpage>1479</lpage>
          .
        </mixed-citation>
      </ref>
      <ref id="ref20">
        <mixed-citation>
          20. Hu
          <string-name>
            <given-names>Z.</given-names>
            ,
            <surname>Gnatyuk</surname>
          </string-name>
          <string-name>
            <given-names>S.</given-names>
            ,
            <surname>Kovtun</surname>
          </string-name>
          <string-name>
            <given-names>M.</given-names>
            ,
            <surname>Seilova</surname>
          </string-name>
          <string-name>
            <surname>N.</surname>
          </string-name>
          <article-title>Method of searching birationally equivalent Edwards curves over binary fields</article-title>
          ,
          <source>Advances in Intelligent Systems and Computing</source>
          , Vol.
          <volume>754</volume>
          , pp.
          <fpage>309</fpage>
          -
          <lpage>319</lpage>
          ,
          <year>2019</year>
          .
        </mixed-citation>
      </ref>
      <ref id="ref21">
        <mixed-citation>
          21.
          <string-name>
            <given-names>S.</given-names>
            <surname>Gnatyuk</surname>
          </string-name>
          ,
          <string-name>
            <given-names>V.</given-names>
            <surname>Kinzeryavyy</surname>
          </string-name>
          ,
          <string-name>
            <given-names>M.</given-names>
            <surname>Iavich</surname>
          </string-name>
          ,
          <string-name>
            <given-names>D.</given-names>
            <surname>Prysiazhnyi</surname>
          </string-name>
          , Kh. Yubuzova,
          <article-title>High-Performance Reliable Block Encryption Algorithms Secured against Linear and Differential Cryptanalytic Attacks</article-title>
          ,
          <source>CEUR Workshop Proceedings</source>
          , Vol.
          <volume>2104</volume>
          , pp.
          <fpage>657</fpage>
          -
          <lpage>668</lpage>
          ,
          <year>2018</year>
          .
        </mixed-citation>
      </ref>
      <ref id="ref22">
        <mixed-citation>
          22.
          <string-name>
            <surname>Tynymbayev</surname>
            <given-names>S.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Gnatyuk</surname>
            <given-names>S.A.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Aitkhozhayeva</surname>
            <given-names>Y.Z.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Berdibayev</surname>
            <given-names>R.S.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Namazbayev</surname>
            <given-names>T.A.</given-names>
          </string-name>
          <article-title>Modular reduction based on the divider by blocking negative remainders</article-title>
          ,
          <source>News of the National Academy of Sciences of the Republic of Kazakhstan, Series of Geology and Technical Sciences, №</source>
          <volume>2</volume>
          (
          <issue>434</issue>
          ), pp.
          <fpage>238</fpage>
          -
          <lpage>248</lpage>
          ,
          <year>2019</year>
          .
        </mixed-citation>
      </ref>
      <ref id="ref23">
        <mixed-citation>
          23.
          <string-name>
            <surname>Korobiichuk</surname>
            <given-names>I.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Syerov</surname>
            <given-names>Y.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Fedushko</surname>
            <given-names>S.</given-names>
          </string-name>
          (
          <year>2020</year>
          )
          <article-title>The Method of Semantic Structuring of Virtual Community Content</article-title>
          .
          <source>Mechatronics 2019: Recent Advances Towards Industry 4.0. MECHATRONICS 2019. Advances in Intelligent Systems and Computing</source>
          , vol
          <volume>1044</volume>
          . Springer. pp
          <fpage>11</fpage>
          -
          <lpage>18</lpage>
          . https://doi.org/10.1007/978-3-
          <fpage>030</fpage>
          -29993-
          <issue>4</issue>
          _
          <fpage>2</fpage>
        </mixed-citation>
      </ref>
      <ref id="ref24">
        <mixed-citation>
          24.
          <string-name>
            <surname>Kalimoldayev</surname>
            <given-names>M.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Tynymbayev</surname>
            <given-names>S.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Gnatyuk</surname>
            <given-names>S.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Ibraimov</surname>
            <given-names>M.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Magzom</surname>
            <given-names>M.</given-names>
          </string-name>
          <article-title>The device for multiplying polynomials modulo an irreducible polynomial</article-title>
          ,
          <source>News of the National Academy of Sciences of the Republic of Kazakhstan, Series of Geology and Technical Sciences, №</source>
          <volume>2</volume>
          (
          <issue>434</issue>
          ), pp.
          <fpage>199</fpage>
          -
          <lpage>205</lpage>
          ,
          <year>2019</year>
          .
        </mixed-citation>
      </ref>
      <ref id="ref25">
        <mixed-citation>
          25.
          <string-name>
            <surname>Gnatyuk</surname>
            <given-names>S.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Kinzeryavyy</surname>
            <given-names>V.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Kyrychenko</surname>
            <given-names>K.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Yubuzova</surname>
            <given-names>Kh.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Aleksander</surname>
            <given-names>M.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Odarchenko</surname>
            <given-names>R.</given-names>
          </string-name>
          <string-name>
            <surname>Secure</surname>
          </string-name>
          <article-title>Hash Function Constructing for Future Communication Systems</article-title>
          and Networks,
          <source>Advances in Intelligent Systems and Computing</source>
          , Vol.
          <volume>902</volume>
          , pp.
          <fpage>561</fpage>
          -
          <lpage>569</lpage>
          ,
          <year>2020</year>
          .
        </mixed-citation>
      </ref>
      <ref id="ref26">
        <mixed-citation>
          26.
          <string-name>
            <surname>Iavich</surname>
            <given-names>M.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Gagnidze</surname>
            <given-names>A.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Iashvili</surname>
            <given-names>G.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Gnatyuk</surname>
            <given-names>S.</given-names>
          </string-name>
          ,
          <string-name>
            <surname>Vialkova</surname>
            <given-names>V</given-names>
          </string-name>
          .
          <article-title>Lattice based Merkle</article-title>
          ,
          <source>CEUR Workshop Proceedings</source>
          , Vol.
          <volume>2470</volume>
          , pp.
          <fpage>13</fpage>
          -
          <lpage>16</lpage>
          ,
          <year>2019</year>
          .
        </mixed-citation>
      </ref>
    </ref-list>
  </back>
</article>