Abstract
In 1983 Akl and Taylor [Cryptographic Solution to a Problem of Access Control in a Hierarchy, ACM Transactions on Computer Systems, 1(3), 239–248, 1983] first suggested the use of cryptographic techniques to enforce access control in hierarchical structures. Over time, their scheme has been used in several different contexts, including mobile agents environments and broadcast encryption. However, it has never been fully analyzed from the security point of view.
We provide a rigorous analysis of the Akl-Taylor scheme and prove that it is secure against key recovery. We also show how to obtain different tradeoffs between the amount of public information and the number of steps required to perform key derivation. Moreover, we propose a general construction to set up a key assignment scheme secure w.r.t. key indistinguishability, given any key assignment scheme secure against key recovery. Finally, we show how to use our construction, along with our tradeoffs, to obtain a variant of the Akl-Taylor scheme, secure w.r.t key indistinguishability, requiring a constant amount of public information.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Akl, S.G., Taylor, P.D.: Cryptographic Solution to a Problem of Access Control in a Hierarchy. ACM Trans. on Comput. Syst. 1(3), 239–248 (1983)
Asano, T.: A Revocation Scheme with Minimal Storage at Receivers. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 433–450. Springer, Heidelberg (2002)
Atallah, M.J., Blanton, M., Fazio, N., Frikken, K.B.: Dynamic and Efficient Key Management for Access Hierarchies. ACM Trans. Inf. Syst. Secur., Article 18 12(3) (2009); Prelim. version in Proc. of ACM CCS 2005, pp. 190–201 (2005)
Ateniese, G., De Santis, A., Ferrara, A.L., Masucci, B.: Provably-Secure Time-Bound Hierarchical Key Assignment Schemes. Rep. 2006/225 at the IACR Cryptology ePrint Archive. Prelim. version in Proc. of ACM CCS 2006, pp. 288–297 (2006)
Attrapadung, N., Kobara, K.: Broadcast Encryption with Short Keys and Transmissions. In: Proc. of the 3rd ACM workshop on Digital Rights Management, pp. 55–66 (2003)
De Santis, A., Ferrara, A.L., Masucci, B.: Cryptographic Key Assignment Schemes for any Access Control Policy. Inf. Proc. Lett. 92(4), 199–205 (2004)
De Santis, A., Ferrara, A.L., Masucci, B.: Efficient Provably-Secure Hierarchical Key Assignment Schemes. In: Kučera, L., Kučera, A. (eds.) MFCS 2007. LNCS, vol. 4708, pp. 371–382. Springer, Heidelberg (2007)
Goldreich, O., Levin, L.: A Hard-Core Predicate for All One-Way Functions. In: Proc. of ACM STOC 1989, pp. 25–32 (1989)
Goldwasser, S., Micali, S.: Probabilistic Encryption. Journal of Comput. and Syst. Sci. 28, 270–299 (1984)
Harn, L., Lin, H.Y.: A Cryptographic Key Generation Scheme for Multilevel Data Security. Comput. and Security 9(6), 539–546 (1990)
Lin, I.-C., Oub, H.-H., Hwang, M.-S.: Efficient Access Control and Key Management Schemes for Mobile Agents. Comput. Standards & Interfaces 26(5), 423–433 (2004)
MacKinnon, S.J., Taylor, P.D., Meijer, H., Akl, S.G.: An Optimal Algorithm for Assigning Cryptographic Keys to Control Access in a Hierarchy. IEEE Trans. on Computers, C-34(9), 797–802 (1985)
Rabin, M.O.: Digitalized Signatures and Public Key Functions as Intractable as Factorization, Tech. Rep. MIT/LCS/TR-212, MIT Lab. for Computer Science (1979)
Rivest, R.L., Shamir, A., Adleman, L.: A Method for Obtaining Digital Signatures and Public Key Cryptosystems. Communic. ACM 21, 120–126 (1978)
Tzeng, W.-G.: A Secure System for Data Access Based on Anonymous and Time-Dependent Hierarchical Keys. In: Proc. of ACM ASIACCS 2006, pp. 223–230 (2006)
Yeh, J.H., Chow, R., Newman, R.: A Key Assignment for Enforcing Access Control Policy Exceptions. In: Proc. of Int. Symposium on Internet Technology, pp. 54–59 (1998)
Wang, S.-Y., Laih, C.-S.: Merging: An Efficient Solution for a Time-Bound Hierarchical Key Assignment Scheme. IEEE Trans. on Dependable and Secure Computing 3(1) (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
D’Arco, P., De Santis, A., Ferrara, A.L., Masucci, B. (2009). Security and Tradeoffs of the Akl-Taylor Scheme and Its Variants. In: Královič, R., Niwiński, D. (eds) Mathematical Foundations of Computer Science 2009. MFCS 2009. Lecture Notes in Computer Science, vol 5734. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03816-7_22
Download citation
DOI: https://doi.org/10.1007/978-3-642-03816-7_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03815-0
Online ISBN: 978-3-642-03816-7
eBook Packages: Computer ScienceComputer Science (R0)