New constructions for provably-secure time-bound hierarchical key assignment schemes

A time-bound hierarchical key assignment scheme is a method to assign time-dependent encryption keys to a set of classes in a partially ordered hierarchy, in such a way that each class in the hierarchy can compute the keys of all classes lower down in the hierarchy, according to temporal constraints. In this paper we propose new constructions for time-bound hierarchical key assignment schemes which are provably secure with respect to key indistinguishability. Our constructions use as a building block any provably-secure hierarchical key assignment scheme without temporal constraints and exhibit a tradeoff among the amount of private information held by each class, the amount of public data, the complexity of key derivation, and the computational assumption on which their security is based. Moreover, the proposed schemes support updates to the access hierarchy with local changes to public information and without requiring any private information to be re-distributed.

[1]  Wen-Guey Tzeng,et al.  A secure system for data access based on anonymous authentication and time-dependent hierarchical keys , 2006, ASIACCS '06.

[2]  Wen-Guey Tzeng,et al.  A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy , 2002, IEEE Trans. Knowl. Data Eng..

[3]  Xun Yi,et al.  Security of Chien's efficient time-bound hierarchical key assignment scheme , 2005, IEEE Transactions on Knowledge and Data Engineering.

[4]  Lein Harn,et al.  A cryptographic key generation scheme for multilevel data security , 1990, Comput. Secur..

[5]  Mikhail J. Atallah,et al.  Incorporating Temporal Capabilities in Existing Key Management Schemes , 2007, ESORICS.

[6]  Jyh-haw Yeh,et al.  An RSA-based time-bound hierarchical key assignment scheme for electronic article subscription , 2005, CIKM '05.

[7]  Hung-Yu Chen,et al.  Efficient time-bound hierarchical key assignment scheme , 2004 .

[8]  Nicola Santoro,et al.  Trade-Offs in Non-Reversing Diameter , 1994, Nord. J. Comput..

[9]  Selim G. Akl,et al.  An Optimal Algorithm for Assigning Cryptographic Keys to Control Access in a Hierarchy , 1985, IEEE Transactions on Computers.

[10]  Peter Winkler,et al.  Counting linear extensions is #P-complete , 1991, STOC '91.

[11]  Chin-Chen Chang,et al.  A new cryptographic key assignment scheme with time-constraint access control in a hierarchy , 2004, Comput. Stand. Interfaces.

[12]  Yiming Ye,et al.  Security of Tzeng's Time-Bound Key Assignment Scheme for Access Control in a Hierarchy , 2003, IEEE Trans. Knowl. Data Eng..

[13]  Mikhail J. Atallah,et al.  Dynamic and efficient key management for access hierarchies , 2005, CCS '05.

[14]  Alfredo De Santis,et al.  Efficient Provably-Secure Hierarchical Key Assignment Schemes , 2007, MFCS.

[15]  Chi-Sung Laih,et al.  Merging: an efficient solution for a time-bound hierarchical key assignment scheme , 2006, IEEE Transactions on Dependable and Secure Computing.

[16]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[17]  Ravi S. Sandhu,et al.  Cryptographic Implementation of a Tree Hierarchy for Access Control , 1988, Inf. Process. Lett..

[18]  Mikhail J. Atallah,et al.  Key management for non-tree access hierarchies , 2006, SACMAT '06.

[19]  Selim G. Akl,et al.  Cryptographic solution to a problem of access control in a hierarchy , 1983, TOCS.

[20]  M. Yannakakis The Complexity of the Partial Order Dimension Problem , 1982 .

[21]  Mikkel Thorup,et al.  Shortcutting Planar Digraphs , 1995, Combinatorics, Probability and Computing.

[22]  C. Lei,et al.  A dynamic cryptographic key assignment scheme in a tree structure , 1993 .

[23]  Ben Dushnik,et al.  Partially Ordered Sets , 1941 .

[24]  Chu-Hsing Lin,et al.  Dynamic key management schemes for access control in a hierarchy , 1997, Comput. Commun..

[25]  Dan Boneh,et al.  Hierarchical Identity Based Encryption with Constant Size Ciphertext , 2005, EUROCRYPT.

[26]  Marina Blanton,et al.  Dynamic and Efficient Key Management for Access Hierarchies , 2009, TSEC.

[27]  Robert E. Tarjan,et al.  Efficiency of a Good But Not Linear Set Union Algorithm , 1972, JACM.

[28]  Jonathan Katz,et al.  Characterization of Security Notions for Probabilistic Private-Key Encryption , 2005, Journal of Cryptology.

[29]  Alfred V. Aho,et al.  The Transitive Reduction of a Directed Graph , 1972, SIAM J. Comput..

[30]  Jason Crampton,et al.  On key assignment for hierarchical access control , 2006, 19th IEEE Computer Security Foundations Workshop (CSFW'06).

[31]  Hwang Min-Shiang,et al.  A cryptographic key assignment scheme in a hierarchy for access control , 1997 .

[32]  Andrew Chi-Chih Yao,et al.  Space-time tradeoff for answering range queries (Extended Abstract) , 1982, STOC '82.

[33]  Alfredo De Santis,et al.  Enforcing the security of a time-bound hierarchical key assignment scheme , 2006, Inf. Sci..

[34]  Qiang Tang,et al.  Comments on a cryptographic key assignment scheme , 2005, Comput. Stand. Interfaces.