A Public-Key Cryptography Tool for Personal Use - A Real-world Implementation of ECC for Secure File Exchange

Luigi Maria Bottasso

2015

Abstract

A new library of modular arithmetic and cryptographic functions was coded, and then used for the development of a crypto tool. We present the architecture and functionality of a hybrid ECC-AES cryptosystem which can be quickly deployed even in absence of Public Key Infrastructures and associated Certification Authorities. The tool was conceived for use in combination with readily available resources, e.g. email and possibly social networks. It allows secure exchange of files with associated ECDSA digital signature, providing the user with substantial flexibility and control of the security settings. Established protocols were used in an original way, notably exploiting direct embedding of the AES session key into an elliptic curve. The code has been developed in C++ entirely from scratch, with no use of pre-existing libraries. The implementation is associated with a web site http://www.elcrypto.com, www.elcrypto.com aimed at promoting the benefits of Elliptic Curve Cryptography.

References

  1. D. Hankerson, A. J. Menezes, S. V. (2004). Guide to Elliptic Curve Cryptography. Springer-Verlag.
  2. Koblitz, N. (1994). A Course in Number Theory and Cryptography. Springer-Verlag.
  3. L. De Feo, D. Jao, J. P. (2011). Towards quantum-resistant cryptosystems from supersingular elliptic curve isogenies. In PQCrypto Proceedings. Springer.
  4. NIST (2001a). FIPS PUB 197, Announcing the Advanced Encryption Standard (AES). Federal Information Processing Standard.
  5. NIST (2001b). Special Publication 800-38A, Recommendation for Block Cipher Modes of Operation, Methods and Techniques. NIST Publication.
  6. NIST (2002). FIPS 180-2, Announcing the Secure Hash Standard. Federal Information Processing Standard.
  7. NIST (2005). NIST-Recommended Random Number Generator Based on ANSI X9.31, Appendix A.2.4: Using the 3-Key Triple DES and AES Algorithms. NIST Publication.
  8. NIST (2007). Special Publication 800-90, Recommendation for Random Number Generation Using Deterministic Random Bit Generators (Revised). NIST Publication.
  9. NIST (2009). FIPS PUB 186-3, Digital Signature Standard (DSS). Federal Information Processing Standard.
  10. R. Crandall, C. P. (2005). Prime Numbers, A Computational Perspective. Springer.
  11. V. Gruhn, M. Hulder, V. W.-M. (2007). Utilizing social networking platforms to support public key infrastructures. In SECRYPT 2007 Proceedings. SCITEPRESS.
Download


Paper Citation


in Harvard Style

Maria Bottasso L. (2015). A Public-Key Cryptography Tool for Personal Use - A Real-world Implementation of ECC for Secure File Exchange . In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 194-201. DOI: 10.5220/0005511801940201


in Bibtex Style

@conference{secrypt15,
author={Luigi Maria Bottasso},
title={A Public-Key Cryptography Tool for Personal Use - A Real-world Implementation of ECC for Secure File Exchange},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={194-201},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005511801940201},
isbn={978-989-758-117-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - A Public-Key Cryptography Tool for Personal Use - A Real-world Implementation of ECC for Secure File Exchange
SN - 978-989-758-117-5
AU - Maria Bottasso L.
PY - 2015
SP - 194
EP - 201
DO - 10.5220/0005511801940201