DETERMINATION OF ENTROPY COMPONENT IN SENSOR INDICATORS FOR GENERATION OF CRYPTOGRAPHIC KEYS OF THE MOBILE APPLICATION OF THE CLIENT-BANK SYSTEM

Abstract

The rapid penetration of the banking market of mobile banking creates not only new opportunities and conveniences, but also new risks and threats, which leads to increased requirements for information security of mobile services. One of the important components of the security of the mobile banking service of the client-bank system is the protection mechanisms based on the use of cryptographic keys. The stability of cryptographic keys is a guarantee of system reliability and, in turn, is based on the mechanisms of generating pseudo-random numbers using primary sources of entropy, for the effective use of which it is necessary to determine the type and capabilities of the source. The paper presents the results of the study of sensors of mobile communication devices as a source of entropy for generating cryptokeys of a mobile application of the client-bank system. An accelerometer, a temperature sensor, a gyroscope, a light brightness sensor, a magnetic field sensor, an atmospheric pressure sensor, a distance sensor, and a humidity sensor are considered as a source of entropy. The results of the research confirm the presence in the values of the sensors of mobile communication devices of a component suitable for use as a source of primary entropy for generators of pseudo-random numbers by cryptographic algorithms. In turn, pseudo-random number generators built with the use of mobile device sensors can be the basis of high-entropy cryptographic key generators in the client-bank system mobile banking services. The obtained results are focused on the implementation of algorithms and means of generating high-entropy pseudo-random numbers and can be used to reduce the risks of unauthorized access to customer information in the client-bank system by disclosing cryptokeys in mobile banking services.