A scalable encryption scheme for multi-privileged group communications

In multi-privileged group communications, since users, who can subscribe to different data streams according to their interests, have multiple access privileges, security issues are more difficult to be solved than those in traditional group communications. The common drawback of traditional key management schemes is that they will result in the “one-affect-many” problem, because they use a key graph to manage all the keys in a group, which makes one key being shared by many users. Recently, a key-policy attribute-based encryption (KP-ABE) scheme is proposed to encrypt messages to multiple users efficiently, which has been applied in secure multi-privileged group communications. However, user revocation in KP-ABE is still not resolved when applied to multi-privileged group communications. So, in this paper, by uniquely combining a collusion-resistant broadcast encryption system and a KP-ABE system with a non-monotone access structure, we propose a scalable encryption scheme for multi-privileged group communications (EMGC). Based on the features of different multi-privileged group communication systems, we also propose two constructions for our EMGC scheme. With the two constructions, a system can support a user not only to join/leave a group at will, but also to change his access privilege on demand, and the expenses during rekeying operations are small. Therefore, our scheme, which can accommodate a dynamic group of users, is more applicable to multi-privileged group communications.

[1]  Hideki Imai,et al.  Conjunctive Broadcast and Attribute-Based Encryption , 2009, Pairing.

[2]  Minyi Guo,et al.  Efficient group key management for multi-privileged groups , 2007, Comput. Commun..

[3]  Ruidong Li,et al.  Distributed Hierarchical Access Control for Secure Group Communications , 2005, ICCNMC.

[4]  David Lubicz,et al.  Attribute-Based Broadcast Encryption Scheme Made Efficient , 2008, AFRICACRYPT.

[5]  Zhibin Zhou,et al.  On efficient ciphertext-policy attribute based encryption and broadcast encryption: extended abstract , 2010, CCS '10.

[6]  Zhibin Zhou,et al.  Constructing Efficient Attribute-Based Broadcast Encryption , 2010, 2010 INFOCOM IEEE Conference on Computer Communications Workshops.

[7]  Dong Hoon Lee,et al.  A NOTE ON SELF-BILINEAR MAPS , 2009 .

[8]  Allison Bishop,et al.  Revocation Systems with Very Small Private Keys , 2010, 2010 IEEE Symposium on Security and Privacy.

[9]  Dilip D. Kandlur,et al.  Key management for secure lnternet multicast using Boolean function minimization techniques , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[10]  Wei Zhao,et al.  Provably Secure Convertible Nominative Signature Scheme , 2008, Inscrypt.

[11]  David Hutchison,et al.  A survey of key management for secure group communication , 2003, CSUR.

[12]  Ling Cheung,et al.  Collusion-Resistant Group Key Management Using Attribute-Based Encryption , 2007, IACR Cryptol. ePrint Arch..

[13]  K. J. Ray Liu,et al.  Scalable hierarchical access control in secure group communications , 2004, IEEE INFOCOM 2004.

[14]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[15]  Dong Kun Noh,et al.  Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems , 2011, IEEE Transactions on Parallel and Distributed Systems.

[16]  O-Hyung Kwon,et al.  A tree key graph design scheme for hierarchical multi-group access control , 2009, IEEE Communications Letters.

[17]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[18]  K. J. Ray Liu,et al.  Key distribution for secure multimedia multicasts via data embedding , 2001, 2001 IEEE International Conference on Acoustics, Speech, and Signal Processing. Proceedings (Cat. No.01CH37221).

[19]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[20]  Pascal Junod,et al.  An efficient public-key attribute-based broadcast encryption scheme allowing arbitrary access policies , 2010, DRM '10.