PROPOSAL

An Efficient Time - Bound Hierarchical Key Management Scheme for Secure Broadcasting

Proposal for: An Efficient Time - Bound Hierarchical Key Management Scheme for Secure Broadcasting

Abstract

A time-bound hierarchical key assignment scheme is a method to assign a cryptographic key to each class of users in a system organized as a partially ordered hierarchy, in such a way that key derivation is constrained both by class relationships and by time. Recently, a time-bound hierarchical key assignment scheme based on tamper-resistant devices and requiring low computational load and implementation cost has been proposed. Unfortunately, the scheme is not secure.

In this paper we will show how three malicious users can handle public and private information to misuse their tamper-resistant devices in order to compute some encryption keys that they should not be able to learn. We will also show some countermeasures to withstand the weakness that we will exploit. (Arthur Black 2002)

An Efficient Time - Bound Hierarchical Key Management Scheme for Secure Broadcasting

Chapter 1 Introduction

The access control problem deals with the specification of users_ access permission and is a fundamental issue in any system that manages distributed resources. We consider a scenario where the users of a computer system are organized in a hierarchy formed by a certain number of disjoint classes, called security classes. A hierarchy arises from the fact that some users have more access rights than others. In the real world there are several examples of hierarchies where an access control is required. In a hierarchical access control system, users are partitioned into a number of classes--called security classes--which are organized in a hierarchy. Hierarchies arise in systems where some users have higher privileges than others and a security class inherits the privileges of its descendant classes. The problem of key assignment in such systems is how to assign cryptographic keys to users and resources to properly enforce access rights. Its crucial goal is efficiency: the number of keys a user obtains, computation a user performs, and amount of resources the server is required to maintain should be minimized. Applications exist in business and in other areas of the private sector, for example in the management of databases containing sensitive information or in the protection of industrial secrets. Similar situations abound in other areas, particularly in the government and military. ccess to that class and its descen- dants in the hierarchy. A key management scheme assigns keys to the access classes and distributes a subset of the keys to a user, which permit her to obtain access to objects at her class(es) and all of the descendant classes. Such key management schemes are usually evaluated by the number of total keys the system must maintain, the number of keys each user receives, the size of public information, the time required to derive keys for access classes, and work needed to perform when the hierarchy or the set of users change. Hierarchies of access classes are used in many domains, and in many cases they are more general than ...