Enterprise Secure Messaging for Critical Infrastructure: From Signal-Class Cryptography to National Cybersecurity Strategy
Artur Valiulin , Independent PhD Researcher Tashkent University of Information Technologies named after Muhammad al-Khwarizmi Tashkent, UzbekistanAbstract
The rapid digital transformation of critical information infrastructure has significantly increased the strategic importance of secure enterprise communications. While public messaging platforms provide effective end-to-end encryption, they generally lack the governance, infrastructure sovereignty, and regulatory capabilities required by banking institutions, government agencies, and operators of critical information infrastructure. Consequently, secure communications should be considered not only as a cryptographic challenge but also as an essential component of organizational resilience and national cybersecurity.
This paper proposes the Enterprise Secure Communication Architecture (ESCA), a conceptual framework that extends modern Signal-class cryptography by integrating X3DH key agreement and the Double Ratchet protocol with enterprise governance, device-centric security, infrastructure sovereignty, operational resilience, and regulatory compliance. As a practical implementation of the proposed approach, the study examines the architecture of the PRIVATGRAM secure corporate messenger developed for highly regulated environments. The results demonstrate that enterprise secure messaging can evolve beyond encrypted communication into a strategic cybersecurity capability supporting organizational governance, protection of critical information infrastructure, digital sovereignty, and national cybersecurity objectives.
Keywords
Enterprise secure messaging, critical information infrastructure, cybersecurity strategy
References
European Parliament and Council of the European Union. (2022). Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union (NIS2 Directive). https://eur-lex.europa.eu/
European Parliament and Council of the European Union. (2022). Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (Digital Operational Resilience Act – DORA). https://eur-lex.europa.eu/
Krawczyk, H., & Eronen, P. (2010). HMAC-based Extract-and-Expand Key Derivation Function (HKDF) (RFC 5869). Internet Engineering Task Force. https://doi.org/10.17487/RFC5869
Langley, A., Hamburg, M., & Turner, S. (2016). Elliptic Curves for Security (RFC 7748). Internet Engineering Task Force. https://doi.org/10.17487/RFC7748
Marlinspike, M., & Perrin, T. (2016). The X3DH Key Agreement Protocol. Signal Foundation. https://signal.org/docs/specifications/x3dh/
National Institute of Standards and Technology. (2024). The NIST Cybersecurity Framework (CSF) 2.0 (NIST CSWP 29). https://doi.org/10.6028/NIST.CSWP.29
Odebade, A. T., & Benkhelifa, E. (2023). A Comparative Study of National Cyber Security Strategies of Ten Nations. arXiv. https://arxiv.org/abs/2303.13938
Perrin, T., & Marlinspike, M. (2016). The Double Ratchet Algorithm. Signal Foundation. https://signal.org/docs/specifications/doubleratchet/
Republic of Uzbekistan. (2022). Law of the Republic of Uzbekistan No. ZRU-764 "On Cybersecurity".
Republic of Uzbekistan. (2025). Cybersecurity Strategy of the Republic of Uzbekistan. https://lex.uz/ru/docs/8079279
Republic of Uzbekistan. (2023). Presidential Resolution No. PP-167 "On Measures to Further Improve the Cybersecurity System of Critical Information Infrastructure Facilities".
The White House. (2023). National Cybersecurity Strategy. https://www.whitehouse.gov/
Dworkin. M. (2007). Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC (NIST Special Publication 800-38D). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-38D
Valiulin. A. (2026). Architecture of the PRIVATGRAM Secure Corporate Messenger for Critical Infrastructure Based on X3DH and Double Ratchet Protocols. The American Journal of Engineering and Technology, 8(05), 159–164. https://doi.org/10.37547/tajet/Volume08Issue05-15
Download and View Statistics
Copyright License
Copyright (c) 2026 Artur Valiulin

This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain the copyright of their manuscripts, and all Open Access articles are disseminated under the terms of the Creative Commons Attribution License 4.0 (CC-BY), which licenses unrestricted use, distribution, and reproduction in any medium, provided that the original work is appropriately cited. The use of general descriptive names, trade names, trademarks, and so forth in this publication, even if not specifically identified, does not imply that these names are not protected by the relevant laws and regulations.

Applied Sciences
| Open Access |
DOI: