A New Key Assignment Scheme for Access Control in a Complete Tree Hierarchy

  • Alfredo De Santis
  • Anna Lisa Ferrara
  • Barbara Masucci
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3969)


A key assignment scheme is a protocol to assign encryption keys and some private information to a set of disjoint user classes in a system organized as a partially ordered hierarchy. The encryption key enables each class to protect its data by means of a symmetric cryptosystem, whereas, the private information allows each class to compute the keys assigned to classes lower down in the hierarchy.

In this paper we consider a particular kind of a hierarchy: the complete rooted tree hierarchy. We propose a key assignment scheme which is not based on unproven specific computational assumptions and that guarantees security against an adversary controlling a coalition of classes of a certain size. Moreover, the proposed scheme is optimal both with respect to the size of the information kept secret by each class and with respect to the randomness needed to set up the scheme.


Inductive Hypothesis Private Information Central Authority Security Parameter Access Control Policy 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Akl, S.G., Taylor, P.D.: Cryptographic Solution to a Problem of Access Control in a Hierarchy. ACM Trans. Comput. Syst. 1(3), 239–248 (1983)CrossRefGoogle Scholar
  2. 2.
    Chang, C.C., Hwang, R.J., Wu, T.C.: Cryptographic Key Assignment Scheme for Access Control in a Hierarchy. Information Systems 17(3), 243–247 (1992)CrossRefGoogle Scholar
  3. 3.
    Cover, T.M., Thomas, J.A.: Elements of Information Theory. John Wiley & Sons, Chichester (1991)CrossRefzbMATHGoogle Scholar
  4. 4.
    De Santis, A., Ferrara, A.L., Masucci, B.: Unconditionally Secure Key Assignment Schemes. Discrete Applied Mathematics 154(2), 234–252 (2006)MathSciNetCrossRefzbMATHGoogle Scholar
  5. 5.
    De Santis, A., Ferrara, A.L., Masucci, B.: Cryptographic Key Assignment Schemes for Any Access Control Policy. Inf. Process. Lett. 92(4), 199–205 (2004)MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Ferrara, A.L., Masucci, B.: An Information-Theoretic Approach to the Access Control Problem. In: Blundo, C., Laneve, C. (eds.) ICTCS 2003. LNCS, vol. 2841, pp. 342–354. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. 7.
    Graham, R.L., Knuth, D.E., Patashnik, O.: Concrete Mathematics. A Foundation for Computer Science. Addison-Wesley, Reading (1988)zbMATHGoogle Scholar
  8. 8.
    Hwang, M.S.: A Cryptographic Key Assignment Scheme in a Hierarchy for Access Control. Math. Comput. Modeling 26(1), 27–31 (1997)MathSciNetzbMATHGoogle Scholar
  9. 9.
    Hwang, M.S.: An Improvement of a Dynamic Cryptographic Key Assignment Scheme in a Tree Hierarchy. Comput. Math. Appl. 37(3), 19–22 (1999)MathSciNetCrossRefzbMATHGoogle Scholar
  10. 10.
    Knuth, D.E., Yao, A.C.: The Complexity of Nonuniform Random Number Generation. In: Algorithms and Complexity, pp. 357–428. Academic Press, London (1976)Google Scholar
  11. 11.
    Liaw, H.T., Wang, S.J., Lei, C.L.: A Dynamic Cryptographic Key Assignment Scheme in a Tree Structure. Comput. Math. Appl. 25(6), 109–114 (1993)MathSciNetCrossRefzbMATHGoogle Scholar
  12. 12.
    Liaw, H.T., Lei, C.L.: An Optimal Algorithm to Assign Cryptographic Keys in a Tree Structure for Access Control. BIT 33, 46–56 (1993)MathSciNetCrossRefzbMATHGoogle Scholar
  13. 13.
    Lin, C.H.: Dynamic Key Management Schemes for Access Control in a Hierarchy. Computer Communications 20, 1381–1385 (1997)CrossRefGoogle Scholar
  14. 14.
    MacKinnon, S.J., Taylor, P.D., Meijer, H., Akl, S.G.: An Optimal Algorithm for Assigning Cryptographic Keys to Control Access in a Hierarchy. IEEE Trans. Comput. 34(9), 797–802 (1985)CrossRefGoogle Scholar
  15. 15.
    Sandhu, R.S.: Cryptographic Implementation of a Tree Hierarchy for Access Control. Inf. Process. Lett. 27, 95–98 (1988)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Alfredo De Santis
    • 1
  • Anna Lisa Ferrara
    • 1
  • Barbara Masucci
    • 1
  1. 1.Dipartimento di Informatica ed ApplicazioniUniversità di SalernoBaronissi (SA)Italy

Personalised recommendations