A novel proxy signature scheme based on user hierarchical access control policy

In this paper, we propose a new security protocol for proxy signature by a hierarchy of proxy signers. In this protocol, the original signer delegates his/her signing capability to a predefined hierarchy of proxy signers. Given the documents of a security class to be signed by the original signer, our scheme suggests a protocol for the hierarchy of proxy signers to sign the document on behalf of the original signer. The concept of hierarchical access control limits the number of people who could sign the document to the people who have the required security clearances. User in a security class requires two secret keys: one which identifies his/her security clearance, and that can also be derived by a user of upper level security clearance and second is his/her private key which identifies him/her as a proxy signer for the signature generation. We show that our scheme is efficient in terms of computational complexity as compared to the existing related proxy signature schemes based on the hierarchical access control. Our scheme also supports addition and deletion of security classes in the hierarchy. We show through security analysis that our scheme is secure against possible attacks. Furthermore, through the formal security analysis using the AVISPA (Automated Validation of Internet Security Protocols and Applications) tool we show that our scheme is also secure against passive and active attacks.

[1]  Tang Ming . Wei Lian. Si Tuo Lin Si,et al.  Cryptography and Network Security - Principles and Practice , 2015 .

[2]  Zuhua Shao,et al.  Proxy signature schemes based on factoring , 2003, Inf. Process. Lett..

[3]  Sheng Zhong,et al.  A practical key management scheme for access control in a user hierarchy , 2002, Comput. Secur..

[4]  Vanga Odelu,et al.  LHSC: An effective dynamic key management scheme for linear hierarchical access control , 2013, 2013 Fifth International Conference on Communication Systems and Networks (COMSNETS).

[5]  Ronald L. Rivest,et al.  Introduction to Algorithms, third edition , 2009 .

[6]  Helmut Knebl,et al.  Introduction to Cryptography , 2002, Information Security and Cryptography.

[7]  Debasis Giri,et al.  A Cryptographic Key Assignment Scheme for Access Control in Poset Ordered Hierarchies with Enhanced Security , 2008, Int. J. Netw. Secur..

[8]  Parmeshwary Dayal Srivastava,et al.  An Asymmetric Cryptographic Key Assignment Scheme for Access Control in Tree Structural Hierarchies , 2007, Int. J. Netw. Secur..

[9]  Eiji Okamoto,et al.  Proxy signatures for delegating signing operation , 1996, CCS '96.

[10]  Vanga Odelu,et al.  A Novel Key Management Mechanism for Dynamic Hierarchical Access Control Based on Linear Polynomials , 2012, SNDS.

[11]  Stéphane Manuel,et al.  Classification and generation of disturbance vectors for collision attacks against SHA-1 , 2011, Des. Codes Cryptogr..

[12]  Zuowen Tan,et al.  Digital Proxy Blind Signature Schemes Based on DLP and ECDLP , 2002 .

[13]  Victor R. L. Shen,et al.  A Novel Key Management Scheme Based on Discrete Logarithms and Polynomial Interpolations , 2002, Comput. Secur..

[14]  Chu-Hsing Lin,et al.  Dynamic key management schemes for access control in a hierarchy , 1997, Comput. Commun..

[15]  David von Oheimb The High-Level Protocol Specification Language HLPSL developed in the EU project AVISPA , 2005 .

[16]  Willi Meier,et al.  Quark: A Lightweight Hash , 2010, Journal of Cryptology.

[17]  Ravi S. Sandhu,et al.  Cryptographic Implementation of a Tree Hierarchy for Access Control , 1988, Inf. Process. Lett..

[18]  Ashok Kumar Das,et al.  A secure and effective user authentication and privacy preserving protocol with smart cards for wireless communications , 2013 .

[19]  Ashutosh Saxena,et al.  C R ] 2 0 D ec 2 00 6 Algorithms and Approaches of Proxy Signature : A Survey MANIK , 2008 .

[20]  Ashok Kumar Das,et al.  Cryptanalysis and improvement of an access control in user hierarchy based on elliptic curve cryptosystem , 2012, Inf. Sci..

[21]  Ashok Kumar Das A random key establishment scheme for multi-phase deployment in large-scale distributed sensor networks , 2012, International Journal of Information Security.

[22]  Kefei Chen,et al.  An Efficient Key-Management Scheme for Hierarchical Access Control in E-Medicine System , 2012, Journal of Medical Systems.

[23]  Yu-Fang Chung,et al.  Access control in user hierarchy based on elliptic curve cryptosystem , 2008, Inf. Sci..

[24]  Debasis Giri,et al.  HACBPS : A Hierarchical Access Control-Based Proxy Signature , 2009 .

[25]  Ronald L. Rivest,et al.  Introduction to Algorithms , 1990 .

[26]  Vanga Odelu,et al.  An Effective and Secure Key-Management Scheme for Hierarchical Access Control in E-Medicine System , 2012, Journal of Medical Systems.

[27]  Jiang Wu,et al.  An Access Control Scheme for Partially Ordered Set Hierarchy with Provable Security , 2005, Selected Areas in Cryptography.

[28]  ChenTzer-Shyong,et al.  A Novel Key Management Scheme Based on Discrete Logarithms and Polynomial Interpolations , 2002 .

[29]  Selim G. Akl,et al.  Cryptographic solution to a problem of access control in a hierarchy , 1983, TOCS.