Skip to main content

Detecting Flaws in Dynamic Hierarchical Key Management Schemes Using Specification Animation

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNISA,volume 7154)

Abstract

In key assignment schemes for hierarchical access control systems, each access class has a key associated with it that can be used to derive the keys associated with every descendant of that class. Many recently proposed key assignment schemes support updates to the hierarchy such as addition and deletion of classes and class relationships. The dynamic changes entail a change to the hierarchy as well as re-computing of public and secret information. In this paper, we describe a software tool that supports the animation of specifications of dynamic schemes. The specification of a scheme, written in Prolog, corresponds to a symbolic model of the algorithms used by the scheme for key generation and for handling dynamic changes. The tool allows us to generate a test hierarchy, generate keys for the classes in the hierarchy, and simulate various dynamic operations. The animation search using the tool has shown to be useful in finding previously unreported attacks on several existing dynamic schemes.

Keywords

  • Public Information
  • Secret Information
  • Dynamic Scheme
  • Fair Exchange Protocol
  • Dynamic Access Control

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   54.99
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   69.99
Price excludes VAT (Canada)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Akl, S.G., Taylor, P.D.: Cryptographic solution to a problem of access control in a hierarchy. ACM Trans. Comput. Syst. 1(3), 239–248 (1983)

    CrossRef  Google Scholar 

  2. Kayem, A.V.D.M., Akl, S.G., Martin, P.: On replacing cryptographic keys in hierarchical key management systems. Journal of Computer Security 16(3), 289–309 (2008)

    CrossRef  Google Scholar 

  3. Lin, C.-H.: Dynamic key management schemes for access control in a hierarchy. Computer Communications 20(15), 1381–1385 (1997)

    CrossRef  Google Scholar 

  4. Lin, C.-H.: Hierarchical key assignment without public-key cryptography. Computers & Security 20(7), 612–619 (2001)

    CrossRef  Google Scholar 

  5. Lo, J.-W., Hwang, M.-S., Liu, C.-H.: An efficient key assignment scheme for access control in a large leaf class hierarchy. Inf. Sci. 181(4), 917–925 (2011)

    CrossRef  MATH  Google Scholar 

  6. Shen, V.R.L., Chen, T.-S.: A novel key management scheme based on discrete logarithms and polynomial interpolations. Computers & Security 21(2), 164–171 (2002)

    CrossRef  MathSciNet  Google Scholar 

  7. Wu, T.-C., Chang, C.-C.: Cryptographic key assignment scheme for hierarchical access control. Comput. Syst. Sci. Eng. 16(1), 25–28 (2001)

    Google Scholar 

  8. Yang, C., Li, C.: Access control in a hierarchy using one-way hash functions. Computers & Security 23(8), 659–664 (2004)

    CrossRef  Google Scholar 

  9. Atallah, M.J., Frikken, K.B., Blanton, M.: Dynamic and efficient key management for access hierarchies. In: Atluri, V., Meadows, C., Juels, A. (eds.) ACM Conference on Computer and Communications Security, pp. 190–202. ACM (2005)

    Google Scholar 

  10. Millen, J.K., Clark, S.C., Freedman, S.B.: The interrogator: Protocol security analysis. IEEE Trans. Software Eng. 13(2), 274–288 (1987)

    CrossRef  Google Scholar 

  11. Longley, D., Rigby, S.: An automatic search for security flaws in key management schemes. Computers & Security 11(1), 75–89 (1992)

    CrossRef  Google Scholar 

  12. Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: CSFW, pp. 82–96. IEEE Computer Society (2001)

    Google Scholar 

  13. Boyd, C., Kearney, P.: Exploring Fair Exchange Protocols Using Specification Animation. In: Pieprzyk, J., Okamoto, E., Seberry, J. (eds.) ISW 2000. LNCS, vol. 1975, pp. 209–223. Springer, Heidelberg (2000)

    CrossRef  Google Scholar 

  14. Tang, S.: Efficient key assignment for hierarchical access control using one-way hash function. In: Proceedings of the 10th WSEAS International Conference on Computers, ICCOMP 2006, Stevens Point, Wisconsin, USA, pp. 350–354 (2006)

    Google Scholar 

  15. Chen, T.-S., Huang, J.-Y.: A novel key management scheme for dynamic access control in a user hierarchy. Applied Mathematics and Computation 162(1), 339–351 (2005)

    CrossRef  MathSciNet  MATH  Google Scholar 

  16. He, Z.H., Li, Y.-S.: Dynamic key management in a user hierarchy. In: 2nd International Conference on Anti-counterfeiting, Security and Identification, ASID 2008, pp. 298–300 (August 2008)

    Google Scholar 

  17. Crampton, J., Martin, K.M., Wild, P.R.: On key assignment for hierarchical access control. In: CSFW, pp. 98–111. IEEE Computer Society (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mundra, A., Mathuria, A., Das, M.L. (2012). Detecting Flaws in Dynamic Hierarchical Key Management Schemes Using Specification Animation. In: Ramanujam, R., Ramaswamy, S. (eds) Distributed Computing and Internet Technology. ICDCIT 2012. Lecture Notes in Computer Science, vol 7154. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28073-3_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-28073-3_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28072-6

  • Online ISBN: 978-3-642-28073-3

  • eBook Packages: Computer ScienceComputer Science (R0)