Abstract
Sensitive information in organizations is constantly increasing and at the same sense are the risks of attacks that compromise privacy, confidentiality or integrity. The need for automating the tasks for securing data is more evident in big data scenarios. Thus, organizations could maintain tight control over their information using cryptographic techniques, such as document encryption, authentication, and digital signatures. In this paper, we present a case study in document encryption and authentication in organizational environments domains by means of curve-based cryptography. We propose three constructions for documents encryption and signing for acceptable security levels, on the basis of Identity-Based Encryption and Signcryption approaches, both built from elliptic curves. We provide experimentation details that reveal the feasibility of proposed curve-based cryptographic schemes, useful for automating the provision of security services to digital documents in organizational environments.
Similar content being viewed by others
REFERENCES
Certicom research. Sec. 2: recommended elliptic curve domain parameters, 2000, https://www.secg.org/sec2-v2.pdf.
Boneh, D., Pairing-based cryptography: past, present, and future, in Advances in Cryptology, Berlin, Heidelberg: Springer, 2012, vol. 7658, p. 1.
Boneh, D. and Franklin, M., Identity-based encryption from the weil pairing, in Proc. Annu. Int. Cryptology Conf., Springer, 2001, pp. 213–229.
Cerin, C., Coti, C., Delort, P., Diaz, F., Gagnaire, M., Gaumer, Q., Guillaume, N., Lous, J., Lubiarz, S., Raffaelli, J., et al., Downtime statistics of current cloud solutions, Tech. Report, Int. Working Group on Cloud Computing Resiliency, 2013.
Chow, R., Golle, P., Jakobsson, M., Shi, E., Staddon, J., Masuoka, R., and Molina, J., Controlling data in the cloud: outsourcing computation without outsourcing control, Proc. ACM Workshop on Cloud Computing Security, London, 2019, pp. 85–90.
De Caro, A. and Iovino, V., jPBC: Java pairing based cryptography, Proc. 16th IEEE Symp. on Computers and Communications, ISCC 2011, Kerkyra, 2011, pp. 850–855. http://gas.dia.unisa.it/projects/jpbc/.
Gantz, J. and Reinsel, D., Extracting value from chaos, IDC Iview, 2011, vol. 1142(2011), pp. 1–12.
Gantz, J. and Reinsel, D., The digital universe in 2020: big data, bigger digital shadows, and biggest growth in the far east, IDC iView: IDC Anal. Future, 2012, vol. 2007(2012), pp. 1–16.
Karati, A. and Biswas, G., A practical identity based signcryption scheme from bilinear pairing, Proc. Int. Conf. on Advances in Computing, Communications and Informatics (ICACCI), Jaipur, 2016, pp. 832–836.
Gagne, M., Identity-based encryption, in Encyclopedia of Cryptography and Security, van Tilborg, H.C.A. and Jajodia, S., Eds., Springer, 2011.
Meffert, D., Bilinear pairings in cryptography, Master’s Thesis, Radboud Univ., 2009.
Menezes, A., An introduction to pairing-based cryptography, Contemp. Math. Recent Trends Cryptogr., 2009, vol. 477, pp. 216–234.
Nayakm B., Signcryption schemes based on elliptic curve cryptography, Master’s Thesis, National Institute of Technology Rourkela, 2014.
European Parliament, Regulation (EU) 2016/679 of the european parliament and of the council, Off. J. Eur. Union. https://eurlex.europa.eu/legal-content/EN/TXT/ PDF/?uri=CELEX:32016R0679.
Silverman, J., An Introduction to the Theory of Elliptic Curves, Univ. of Wyoming, 2006.
Sloan, R. and Warner, R., Unauthorized Access: the Crisis in Online Privacy and Security, CRC Press, 2013.
Tan, C., Wang, H., Zhong, S., and Li, Q., Body sensor network security: an identity-based cryptography approach, Proc. 1st ACM Conf. on Wireless Network Security, Alexandria VA, 2008, pp. 148–153.
Toorani, M. and Beheshti, A., An elliptic curve-based signcryption scheme with forward secrecy. arXiv:1005.1856, 2010.
Srensen, T. and Kamnstrup, M., Elliptic curve cryptography in java. https://sourceforge.net/projects/jecc/.
Washington, L., Elliptic Curves: Number Theory and Cryptography, 2nd ed., Chapman & Hall/CRC, 2008.
Zheng, Y., Digital signcryption or how to achieve cost (signature & encryption) << cost(signature) + cost(encryption), Proc. Conf. Advances in Cryptology CRYPTO’97, Santa Barbara, 1997, vol. 1294.
Varnovskiy, N.P., Martishin, S.A., Khrapchenko, M.V., and Shokurov, A.V., Secure cloud computing based on threshold homomorphic encryption, Progr. Comput. Software, 2015, vol. 41, pp. 215–218. https://doi.org/10.1134/S0361768815040088
ACKNOWLEDGMENTS
The work is partially supported by Fondo Sectorial de Investigación para la Educación, Ciencia Básica SEP-CONACyT, project number 281565.
Author information
Authors and Affiliations
Corresponding authors
Rights and permissions
About this article
Cite this article
Morales-Sandoval, M., Marin-Castro, H. & Gonzalez-Compean, J. Curve-Based Security Schemes for Automating the Encryption and Signing of Digital Documents in Organizational Environments. Program Comput Soft 47, 849–857 (2021). https://doi.org/10.1134/S0361768821080181
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1134/S0361768821080181