Cryptanalysis and improvement of an access control in user hierarchy based on elliptic curve cryptosystem

In a key management scheme for hierarchy based access control, each security class having higher clearance can derive the cryptographic secret keys of its other security classes having lower clearances. In 2008, Chung et al. proposed an efficient scheme on access control in user hierarchy based on elliptic curve cryptosystem [Information Sciences 178 (1) (2008) 230-243]. Their scheme provides solution of key management efficiently for dynamic access problems. However, in this paper, we propose an attack on Chung et al.'s scheme to show that Chung et al.'s scheme is insecure against the exterior root finding attack. We show that under this attack, an attacker (adversary) who is not a user in any security class in a user hierarchy attempts to derive the secret key of a security class by using the root finding algorithm. In order to remedy this attack, we further propose a simple improvement on Chung et al.'s scheme. Overall, the main theme of this paper is very simple: a security flaw is presented on Chung et al.'s scheme and then a fix is provided in order to remedy the security flaw found in Chung et al.'s scheme.

[1]  Chien-Lung Hsu,et al.  Cryptanalyses and improvements of two cryptographic key assignment schemes for dynamic access control in a user hierarchy , 2003, Comput. Secur..

[2]  Tzer-Shyong Chen,et al.  A novel key management scheme for dynamic access control in a user hierarchy , 2005, Appl. Math. Comput..

[3]  Feipei Lai,et al.  Novel Cryptographic Key Assignment Scheme for Dynamic Access Control in a Hierarchy , 1997 .

[4]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[5]  Chung-Ming Wang,et al.  An efficient key-management scheme for hierarchical access control based on elliptic curve cryptosystem , 2006, J. Syst. Softw..

[6]  F. Kuo,et al.  Cryptographic key assignment scheme for dynamic access control in a user hierarchy , 1999 .

[7]  Tsai Hui-Min,et al.  Refereed paper: A cryptographic implementation for dynamic access control in a user hierarchy , 1995 .

[8]  Victor R. L. Shen,et al.  A Novel Key Management Scheme Based on Discrete Logarithms and Polynomial Interpolations , 2002, Comput. Secur..

[9]  Lein Harn,et al.  A cryptographic key generation scheme for multilevel data security , 1990, Comput. Secur..

[10]  Ratna Dutta,et al.  Provably Secure Constant Round Contributory Group Key Agreement in Dynamic Setting , 2008, IEEE Transactions on Information Theory.

[11]  Chin-Chen Chang,et al.  A key assignment scheme for controlling access in partially ordered user hierarchies , 2004, 18th International Conference on Advanced Information Networking and Applications, 2004. AINA 2004..

[12]  Henri Cohen,et al.  A course in computational algebraic number theory , 1993, Graduate texts in mathematics.

[13]  Selim G. Akl,et al.  An Optimal Algorithm for Assigning Cryptographic Keys to Control Access in a Hierarchy , 1985, IEEE Transactions on Computers.

[14]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[15]  Joonsang Baek,et al.  Formal Proofs for the Security of Signcryption , 2002, Public Key Cryptography.

[16]  R. Nickalls A new approach to solving the cubic: Cardan’s solution revealed , 1993, The Mathematical Gazette.

[17]  Yu-Fang Chung,et al.  Access control in user hierarchy based on elliptic curve cryptosystem , 2008, Inf. Sci..

[18]  Chu-Hsing Lin,et al.  Dynamic key management schemes for access control in a hierarchy , 1997, Comput. Commun..

[19]  Selim G. Akl,et al.  Cryptographic solution to a problem of access control in a hierarchy , 1983, TOCS.

[20]  Michael Ben-Or,et al.  Probabilistic algorithms in finite fields , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).