Applied Sciences | Open Access | DOI: https://doi.org/10.37547/tajas/Volume08Issue06-18

Enterprise Secure Messaging for Critical Infrastructure: From Signal-Class Cryptography to National Cybersecurity Strategy

Artur Valiulin , Independent PhD Researcher Tashkent University of Information Technologies named after Muhammad al-Khwarizmi Tashkent, Uzbekistan

Abstract

The rapid digital transformation of critical information infrastructure has significantly increased the strategic importance of secure enterprise communications. While public messaging platforms provide effective end-to-end encryption, they generally lack the governance, infrastructure sovereignty, and regulatory capabilities required by banking institutions, government agencies, and operators of critical information infrastructure. Consequently, secure communications should be considered not only as a cryptographic challenge but also as an essential component of organizational resilience and national cybersecurity.

This paper proposes the Enterprise Secure Communication Architecture (ESCA), a conceptual framework that extends modern Signal-class cryptography by integrating X3DH key agreement and the Double Ratchet protocol with enterprise governance, device-centric security, infrastructure sovereignty, operational resilience, and regulatory compliance. As a practical implementation of the proposed approach, the study examines the architecture of the PRIVATGRAM secure corporate messenger developed for highly regulated environments. The results demonstrate that enterprise secure messaging can evolve beyond encrypted communication into a strategic cybersecurity capability supporting organizational governance, protection of critical information infrastructure, digital sovereignty, and national cybersecurity objectives.

Keywords

Enterprise secure messaging, critical information infrastructure, cybersecurity strategy

References

European Parliament and Council of the European Union. (2022). Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union (NIS2 Directive). https://eur-lex.europa.eu/

European Parliament and Council of the European Union. (2022). Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (Digital Operational Resilience Act – DORA). https://eur-lex.europa.eu/

Krawczyk, H., & Eronen, P. (2010). HMAC-based Extract-and-Expand Key Derivation Function (HKDF) (RFC 5869). Internet Engineering Task Force. https://doi.org/10.17487/RFC5869

Langley, A., Hamburg, M., & Turner, S. (2016). Elliptic Curves for Security (RFC 7748). Internet Engineering Task Force. https://doi.org/10.17487/RFC7748

Marlinspike, M., & Perrin, T. (2016). The X3DH Key Agreement Protocol. Signal Foundation. https://signal.org/docs/specifications/x3dh/

National Institute of Standards and Technology. (2024). The NIST Cybersecurity Framework (CSF) 2.0 (NIST CSWP 29). https://doi.org/10.6028/NIST.CSWP.29

Odebade, A. T., & Benkhelifa, E. (2023). A Comparative Study of National Cyber Security Strategies of Ten Nations. arXiv. https://arxiv.org/abs/2303.13938

Perrin, T., & Marlinspike, M. (2016). The Double Ratchet Algorithm. Signal Foundation. https://signal.org/docs/specifications/doubleratchet/

Republic of Uzbekistan. (2022). Law of the Republic of Uzbekistan No. ZRU-764 "On Cybersecurity".

Republic of Uzbekistan. (2025). Cybersecurity Strategy of the Republic of Uzbekistan. https://lex.uz/ru/docs/8079279

Republic of Uzbekistan. (2023). Presidential Resolution No. PP-167 "On Measures to Further Improve the Cybersecurity System of Critical Information Infrastructure Facilities".

The White House. (2023). National Cybersecurity Strategy. https://www.whitehouse.gov/

Dworkin. M. (2007). Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC (NIST Special Publication 800-38D). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-38D

Valiulin. A. (2026). Architecture of the PRIVATGRAM Secure Corporate Messenger for Critical Infrastructure Based on X3DH and Double Ratchet Protocols. The American Journal of Engineering and Technology, 8(05), 159–164. https://doi.org/10.37547/tajet/Volume08Issue05-15

Download and View Statistics

Views: 0   |   Downloads: 0

Copyright License

Download Citations

How to Cite

Artur Valiulin. (2026). Enterprise Secure Messaging for Critical Infrastructure: From Signal-Class Cryptography to National Cybersecurity Strategy. The American Journal of Applied Sciences, 8(06), 339–349. https://doi.org/10.37547/tajas/Volume08Issue06-18