Unconditionally secure key assignment schemes

In this paper we propose an information-theoretic approach to the access control problem in a scenario where a group of users is divided into a number of disjoint classes. The set of rules that specify the information flow between different user classes in the system defines an access control policy. An access control policy can be implemented by using a key assignment scheme, where a trusted central authority (CA) assigns an encryption key and some private information to each class.We consider key assignment schemes where the key assigned to each class is unconditionally secure with respect to an adversary controlling a coalition of classes of a limited size. Our schemes are characterized by a security parameter r, the size of the adversary coalition. We show lower bounds on the size of the private information that each class has to store and on the amount of randomness needed by the CA to set up any key assignment scheme. Finally, we propose some optimal constructions for unconditionally secure key assignment schemes.

[1]  Min-Shiang Hwang An improvement of a dynamic cryptographic key assignment scheme in a tree hierarchy , 1999 .

[2]  Alfredo De Santis,et al.  Cryptographic key assignment schemes for any access control policy , 2004, Inf. Process. Lett..

[3]  Min-Shiang Hwang Cryptanalysis of YCN key assignment scheme in a hierarchy , 2000, Inf. Process. Lett..

[4]  Stephen T. Hedetniemi,et al.  A Linear Algorithm for the Domination Number of a Tree , 1975, Inf. Process. Lett..

[5]  C. Lei,et al.  A dynamic cryptographic key assignment scheme in a tree structure , 1993 .

[6]  Wei-Pang Yang,et al.  Controlling access in large partially ordered hierarchies using cryptographic keys , 2003, J. Syst. Softw..

[7]  Chin-Laung Lei,et al.  An optimal algorithm to assign cryptographic keys in a tree structure for access control , 1993, BIT.

[8]  Chin-Chen Chang,et al.  Crypographic key assignment scheme for access control in a hierarchy , 1992, Inf. Syst..

[9]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[10]  Indrajit Ray,et al.  A cryptographic solution to implement access control in a hierarchy and more , 2002, SACMAT '02.

[11]  Ravi S. Sandhu,et al.  Cryptographic Implementation of a Tree Hierarchy for Access Control , 1988, Inf. Process. Lett..

[12]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .

[13]  Selim G. Akl,et al.  An Optimal Algorithm for Assigning Cryptographic Keys to Control Access in a Hierarchy , 1985, IEEE Transactions on Computers.

[14]  Chyi Hwang,et al.  An FFT-based algorithm for 2D power series expansions , 1999 .

[15]  Hwang Min-Shiang,et al.  A cryptographic key assignment scheme in a hierarchy for access control , 1997 .

[16]  Stephen T. Hedetniemi,et al.  Optimal domination in graphs , 1975 .

[17]  Hung-Yu Chien,et al.  New hierarchical assignment without Public Key cryptography , 2003, Comput. Secur..

[18]  Selim G. Akl,et al.  Cryptographic solution to a problem of access control in a hierarchy , 1983, TOCS.

[19]  Andrew Chi-Chih Yao,et al.  The complexity of nonuniform random number generation , 1976 .

[20]  Lein Harn,et al.  A cryptographic key generation scheme for multilevel data security , 1990, Comput. Secur..

[21]  Chin-Chen Chang,et al.  A new key assignment scheme for enforcing complicated access control policies in hierarchy , 2003, Future Gener. Comput. Syst..

[22]  Chu-Hsing Lin,et al.  Dynamic key management schemes for access control in a hierarchy , 1997, Comput. Commun..