Identity-based on-the-fly encryption and decryption scheme for controlled documents
JIN Biao1,XIONG Jinbo2,YAO Zhiqiang1,LIU Ximeng3
1. Faculty of Software, Fujian Normal University, Fuzhou Fujian 350108, China 2. Faculty of Software, Fujian Normal University, Fuzhou Fujian 350108, China; 3. School of Telecommunication Engineering, Xidian University, Xi'an Shaanxi 710071, China
Abstract:To deal with the increasingly serious situation of document's security and better protect the controlled documents, in this paper, an identity-based On-The-Fly Encryption (OTFE) and decryption scheme was proposed for the controlled documents, which combined an Identity-Based Encryption (IBE) algorithm with an on-the-fly encryption technique. In the scheme, file system filter driver technology was used to monitor program's behaviors on the controlled documents; meanwhile, the IBE algorithm was used to encrypt and decrypt the controlled documents. Specifically, a new algorithm that associated the original ciphertext and divided the associated ciphertext into two parts stored in different locations was proposed. Therefore, it is impossible for an adversary to obtain the whole ciphertext and further recover the original plaintext. Finally, an elaborate description was made on the scheme from system level and algorithm level. The security analysis indicates that the proposed scheme is able to effectively protect the controlled documents.