Cryptography in public administration: a comprehensive perspective
DOI:
https://doi.org/10.36151/RCAP.2.9Keywords:
Information security, cryptography, electronic identification, quantum computing, blockchain technologiesAbstract
This paper addresses the importance of information security in public administration, highlighting the role of cryptography to guarantee properties such as data integrity and confidentiality. It describes in detail public key infrastructures and provides an analysis of the DNIe and the Cl@ve system as examples of secure electronic identification, with multiple applications in public administration. Furthermore, it pays attention to the strategies developed by various international public administrations to implement cryptographic systems resistant to the emerging threat of quantum computing. On the other hand, in the current context, some applications of blockchain technologies are listed. In summary, this work provides an overview of some cybersecurity challenges in public administration and various cryptography-based advances, highlighting the importance of continuously adapting to evolving cyber threats and technological opportunities.
Downloads
References
Atzori, M. (2015). Blockchain technology and decentralized governance: Is the state still necessary? Available at SSRN 2709713.
Caballero Gil, P. (2002) Introducción a la Criptografía. 2a edición actualizada. Editorial Ra-Ma.
Centro Criptológico Nacional (2018). Resolución 1A0/38016/2018, de 15 de junio, del Centro Criptológico Nacional, por la que se certifica la seguridad del producto DNIe-DSCF (dispositivo seguro de creación de firma), versión 3.0.
Congress.gov (2022) H.R.7535 - Quantum Computing Cybersecurity Preparedness Act. 117th Congress. https://www.congress.gov/bill/117th-congress/house-bill/7535/
Correa Marichal, J. (2022). Seguridad de las tarjetas NFC. Trabajo de Fin de Grado. Universidad de La Laguna. https://riull.ull.es/xmlui/handle/915/28735
Diffie, W., & Hellman, M. E. (1976). New directions in cryptography. IEEE Transactions on Information Theory 22 pp. 644-654.
EUR-Lex (2013). JOINT COMMUNICATION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A52013JC0001
Gennai, F., Martusciello, L., & Buzzi, M. (2005). A certified email system for the public administration in Italy. In IADIS International Conference WWW/Internet (Vol. 2, pp. 143-147).
Gidney, C., & Ekerå, M. (2021). How to factor 2048 bit RSA integers in 8 hours using 20 million noisy qubits. Quantum, 5, 433.
Gobierno de España (2015). Ley 36/2015, de 28 de septiembre, de Seguridad Nacional. https://www.boe.es/buscar/act.php?id=BOE-A-2015-10389
Gobierno de España (2017). Estrategia de Seguridad Nacional. Disposición 15181 del BOE núm. 309 de 2017. https://www.boe.es/boe/dias/2017/12/21/pdfs/BOE-A-2017-15181.pdf
Gobierno de España (2018). III Plan de Acción de España 2017-2019. https://transparencia.gob.es/transparencia/dam/jcr:540931bc-376c-43a7-8bd7-1569006e97cd/Spain_III_Plan_GA_v2018_vf.pdf
Gobierno de España (2019). Orden PCI/487/2019, de 26 de abril, por la que se publica la Estrategia Nacional de Ciberseguridad 2019, aprobada por el Consejo de Seguridad Nacional. https://www.boe.es/eli/es/o/2019/04/26/pci487
Gobierno de España (2022). Real Decreto 311/2022, de 3 de mayo, por el que se regula el Esquema Nacional de Seguridad. https://www.boe.es/diario_boe/txt.php?id=BOE-A-2022-7191
Hou, H. (2017). The application of blockchain technology in e-government in China. In 2017 26th International Conference on Computer Communication and Networks (ICCCN) (pp. 1–4). New York: IEEE.
Kaplan, M., Leurent, G., Leverrier, A., & Naya-Plasencia, M. (2016). Breaking symmetric cryptosystems using quantum period finding. In Advances in Cryptology–CRYPTO 2016: 36th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 14-18, 2016, Proceedings, Part II 36 (pp. 207-237). Springer Berlin Heidelberg.
Koblitz, N., Menezes, A., & Vanstone, S. (2000). The state of elliptic curve cryptography. Designs, codes and cryptography, 19, 173-193.
Kovács, L. (2018). Cyber security policy and strategy in the European Union and NATO. Land Forces Academy Review, 23(1), 16-24.
Lambrinoudakis, C., Gritzalis, S., Dridi, F., & Pernul, G. (2003). Security requirements for e-government services: a methodological approach for developing a common PKI-based security policy. Computer communications, 26(16), 1873-1883.
León-Coca, J. M., Reina, D. G., Toral, S. L., Barrero, F., & Bessis, N. (2013). Authentication systems using ID Cards over NFC links: the Spanish experience using DNIe. Procedia Computer Science, 21, 91-98.
Menezes, A. J., Van Oorschot, P. C., & Vanstone, S. A. (2018). Handbook of applied cryptography. CRC press.
Moynihan, D. P. (2004). Building secure elections: e‐voting, security, and systems theory. Public administration review, 64(5), 515-528.
Nir, Y., & Langley, A. (2018). ChaCha20 and Poly1305 for IETF Protocols (No. rfc8439).
Ojo, A., & Adebayo, S. (2017). Blockchain as a next generation government information infrastructure: A review of initiatives in D5 countries. In Government 3.0–Next Generation Government Technology Infrastructure and Services (pp. 283–298). Cham: Springer.
Ølnes, S., Ubacht, J., & Janssen, M. (2017). Blockchain in government: Benefits and implications of distributed ledger technology for information sharing.
Open Government Partnership (2017). https://www.opengovpartnership.org/
Parlamento Europeo y Consejo de la Unión (2018). Reglamento (UE) Nº 910/2014 del Parlamento Europeo y del Consejo de 23 de julio de 2014 relativo a la identificación electrónica y los servicios de confianza para las transacciones electrónicas en el mercado interior y por la que se deroga la Directiva 1999/93/CE. https://eur-lex.europa.eu/legal-content/ES/TXT/?uri=CELEX:32014R0910
Prandini, M. (1999). Efficient certificate status handling within PKIs: an application to public administration services. In Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99) (pp. 276-281). IEEE.
Raab, C. D. (1998). Electronic confidence: Trust, information and public administration. Public Administrations in an Information Age: A Handbook" eds. Snellen, I. Th. M & Van De Donk, WBHJ, 113-133.
Real Casa de la Moneda (2022). Tarjeta DNIe 4.0. https://www.commoncriteriaportal.org/files/epfiles/2019-06%20ST_LITE.pdf
Rijmen, V., & Daemen, J. (2001). Advanced encryption standard. Proceedings of federal information processing standards publications, national institute of standards and technology, 19, 22.
Rivest, R., Shamir, A., & Adleman, L. (1978). "A Method for Obtaining Digital Signatures and Public-Key Cryptosystems" (PDF). Communications of the ACM. 21 (2): 120–126.
Rot, A., Sobińska, M., Hernes, M., & Franczyk, B. (2020). Digital transformation of public administration through blockchain technology. Towards Industry 4.0—current challenges in information systems, 111-126.
Silcock, R. (2001). What is e-government. Parliamentary affairs, 54(1), 88-101.
Szczepaniuk, E. K., Szczepaniuk, H., Rokicki, T., & Klepacki, B. (2020). Information security assessment in public administration. Computers & Security, 90, 101709.
Vatra, N. (2010). Public key infrastructure for public administration in Romania. In 2010 8th International Conference on Communications (pp. 481-484). IEEE.
Weiss, M., & Corsi, E. (2017). Bitfury: Blockchain for government. In Harvard Business School Case (pp. 818–031).
Published
How to Cite
Issue
Section
License
Copyright (c) 2023 Revista Canaria de Administración Pública
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
