Engineering and Technology
| Open Access |
DOI: Architecture of The PRIVATGRAM Secure Corporate Messenger for Critical Infrastructure Based on X3DH And Double Ratchet Protocols
Artur Valiulin , Independent PhD Researcher Tashkent University of Information Technologies named after Muhammad al-Khwarizmi Tashkent, UzbekistanAbstract
The rapid development of mobile messaging applications has significantly transformed internal communications within banks, government institutions, and other critical information infrastructure (CII) facilities. However, the use of foreign public communication platforms creates risks associated with confidential data leakage, metadata exposure, dependence on foreign infrastructure, and insufficient administrative control.
This paper proposes the architecture of PRIVATGRAM, a sovereign secure corporate messenger designed for the banking sector and critical infrastructure organizations. The proposed architecture is based on a modified Signal-class security model and integrates the X3DH key agreement protocol and the Double Ratchet algorithm. Unlike consumer-oriented solutions, PRIVATGRAM implements centralized administration, device-level session isolation, persistent ratchet-state storage, role-based access control, secure session recovery mechanisms, and sovereign on-premises deployment capabilities.
The research demonstrates that sovereign secure messaging systems can significantly reduce cybersecurity risks, enhance digital sovereignty, and ensure compliance with the operational requirements of the banking sector and critical infrastructure facilities.
Keywords
Cybersecurity, corporate messenger, Double Ratchet
References
Perrin T., Marlinspike M. «The Double Ratchet Algorithm». Signal Foundation. https://signal.org/docs/specifications/doubleratchet/
Marlinspike M., Perrin T. «The X3DH Key Agreement Protocol». Signal Foundation. https://signal.org/docs/specifications/x3dh/
Signal Foundation. «Signal Protocol Specifications». https://signal.org/docs/
Krawczyk H., Eronen P. «HMAC-based Extract-and-Expand Key Derivation Function, RFC 5869». IETF, 2010. https://datatracker.ietf.org/doc/html/rfc5869
Dworkin M. «Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC». NIST SP 800-38D. https://csrc.nist.gov/publications/detail/sp/800-38d/final
Rescorla E. «The Transport Layer Security (TLS) Protocol Version 1.3, RFC 8446». IETF, 2018. https://datatracker.ietf.org/doc/html/rfc8446
Cohn-Gordon K., Cremers C., Dowling B., Garratt L., Stebila D. «A Formal Security Analysis of the Signal Messaging Protocol». IEEE European Symposium on Security and Privacy, 2017. https://eprint.iacr.org/2016/1013.pdf
Republic of Uzbekistan. Law of the Republic of Uzbekistan “On Cybersecurity” №ZRU-764, April 15, 2022. https://lex.uz/ru/docs/5960609.
President of the Republic of Uzbekistan. Resolution № PP-167 “On Additional Measures for Improving the Cybersecurity System of Critical Information Infrastructure Facilities of the Republic of Uzbekistan”, May 31, 2023. https://lex.uz/uz/docs/6479197.
President of the Republic of Uzbekistan. Decree № UP-38 “On the Approval of the Cybersecurity Strategy of the Republic of Uzbekistan and the Improvement of the Cybercrime Prevention System”, March 10, 2026. https://lex.uz/ru/docs/8079279.
Download and View Statistics
Copyright License
Copyright (c) 2026 Artur Valiulin
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain the copyright of their manuscripts, and all Open Access articles are disseminated under the terms of the Creative Commons Attribution License 4.0 (CC-BY), which licenses unrestricted use, distribution, and reproduction in any medium, provided that the original work is appropriately cited. The use of general descriptive names, trade names, trademarks, and so forth in this publication, even if not specifically identified, does not imply that these names are not protected by the relevant laws and regulations.