An Efficient Hierarchical Identity-Based Key-Sharing Method Resistant against Collusion-Attacks

Efficient ID-based key sharing schemes are desired worldwide for secure communications on the Internet and other networks. Key Predistribution Systems (KPS) are a large class of such key sharing schemes. The remarkable property of KPS is that, in order to share a key, a participant only needs to input its partner’s identifier into its secret KPS-algorithm. Although KPS has many advantages in terms of efficiency, it is vulnerable to certain collusion attacks. While conventional KPS establishes communication links between any pair of entities in a communication system, in many practical communication systems, such as broadcasting, not all links are required. In this article, we propose a new version of KPS called Hierarchical KPS. In Hierarchical KPS, simply by removing unnecessary communication links, we can significantly increase the collusion threshold. As an example, for a typical security parameter setting, the collusion threshold of the Hierarchical KPS is 16 times higher than that of the conventional KPS while using the same amount of memory at the KPS center. The memory required by the user is even reduced by a factor of 1/16 in comparison with the conventional linear scheme. Hence, Hierarchical KPS provides a more efficient method for secure communication.
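To make the abstract's terms concrete, here is an added example (not code from the paper, and not its hierarchical construction) of a conventional KPS in the well-known symmetric-polynomial form, showing the key-sharing property and the collusion threshold t. The modulus `P`, the function names and the identifiers used are assumptions chosen for illustration.

```python
import secrets

P = 2**61 - 1  # prime field modulus (constructed parameter, an assumption)

def center_setup(t, rng=secrets.SystemRandom()):
    """Center's secret: symmetric coefficient matrix of f(x, y), degree t in each.
    Center memory: (t+1)(t+2)/2 independent field elements."""
    a = [[0] * (t + 1) for _ in range(t + 1)]
    for i in range(t + 1):
        for j in range(i, t + 1):
            a[i][j] = a[j][i] = rng.randrange(P)
    return a

def user_algorithm(a, uid):
    """User's secret KPS-algorithm: the t+1 coefficients of g_uid(y) = f(uid, y)."""
    n = len(a)
    return [sum(a[i][j] * pow(uid, i, P) for i in range(n)) % P for j in range(n)]

def shared_key(g, partner_id):
    """Key sharing: evaluate one's own secret polynomial at the partner's identifier."""
    return sum(c * pow(partner_id, j, P) for j, c in enumerate(g)) % P

def colluders_key(shares, u, v):
    """What a coalition can derive for the pair (u, v) by pooling secret algorithms.
    shares maps colluder id -> g. The result equals the real key only if the
    coalition has at least t+1 members, which is the collusion threshold."""
    pts = [(c, shared_key(g, v)) for c, g in shares.items()]  # f(c, v) = g_v(c)
    total = 0
    for xi, yi in pts:  # Lagrange interpolation of g_v at x = u
        num = den = 1
        for xj, _ in pts:
            if xj != xi:
                num = num * (u - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

if __name__ == "__main__":
    t = 3
    a = center_setup(t)
    alice, bob = 1001, 2002  # constructed identifiers
    ga, gb = user_algorithm(a, alice), user_algorithm(a, bob)
    print("keys agree:", shared_key(ga, bob) == shared_key(gb, alice))
    shares = {c: user_algorithm(a, c) for c in (11, 12, 13, 14)}
    print("t+1 colluders match:", colluders_key(shares, alice, bob) == shared_key(ga, bob))
```

In this conventional scheme both the user's memory (t+1 elements) and the center's memory grow with the threshold t, which is the trade-off the abstract says Hierarchical KPS improves.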
