On the Use of Key Assignment Schemes in Authentication Protocols

  • James Alderman
  • Jason Crampton
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7873)


In this paper, we explore the use of Key Assignment Schemes in entity authentication protocols where authentication requires the claiment to demonstrate knowledge of a derivable key. By controlling the distribution of such keys, restrictions may be efficiently placed upon the circumstances under which an entity may be authenticated and the services to which they may gain access. We explore how standardized protocols may be extended to authenticate entities as members of a group associated to a particular security label, whilst protecting the long-term secrets in the system. We also see that such constructions may allow for authentication whilst preserving anonymity.


Key assignment scheme entity authentication membership authentication authentication policy 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Akl, S.G., Taylor, P.D.: Akl and Peter D. Taylor. Cryptographic solution to a problem of access control in a hierarchy. ACM Trans. Comput. Syst. 1(3), 239–248 (1983)CrossRefGoogle Scholar
  2. 2.
    Alderman, J., Crampton, J.: On the use of key assignment schemes in authentication protocols. CoRR, abs/1303.4262 (2013),
  3. 3.
    Atallah, M.J., Blanton, M., Fazio, N., Frikken, K.B.: Dynamic and efficient key management for access hierarchies. ACM Trans. Inf. Syst. Secur. 12(3) (2009)Google Scholar
  4. 4.
    Bell, D.E., LaPadula, L.J.: Secure computer systems: Mathematical foundations. Technical Report MTR-2547, MITRE Corporation (1973)Google Scholar
  5. 5.
    Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  6. 6.
    Boneh, D., Franklin, M.K.: Anonymous authentication with subset queries (extended abstract). In: Motiwalla, J., Tsudik, G. (eds.) ACM Conference on Computer and Communications Security, pp. 113–119. ACM (1999)Google Scholar
  7. 7.
    Crampton, J., Martin, K.M., Wild, P.R.: On key assignment for hierarchical access control. In: CSFW, pp. 98–111. IEEE Computer Society (2006)Google Scholar
  8. 8.
    Fujii, A., Ohtake, G., Hanaoka, G., Ogawa, K.: Anonymous authentication scheme for subscription services. In: Apolloni, B., Howlett, R.J., Jain, L. (eds.) KES 2007/WIRN 2007, Part III. LNCS (LNAI), vol. 4694, pp. 975–983. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  9. 9.
    Fujisaki, E., Suzuki, K.: Traceable ring signature. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 181–200. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  10. 10.
    International Organization for Standardization (ISO): ISO/IEC 9798-2:2008: Information technology - Security techniques - Entity authentication - Part 2: Mechanisms using symmetric encipherment algorithms (2008)Google Scholar
  11. 11.
    Naor, M.: Deniable ring authentication. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 481–498. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  12. 12.
    Ohta, K., Okamoto, T., Koyama, K.: Membership authentication for hierarchical multigroups using the extended fiat-shamir scheme. In: Damgård, I. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 446–457. Springer, Heidelberg (1991)CrossRefGoogle Scholar
  13. 13.
    Tzeng, W.-G.: A secure system for data access based on anonymous authentication and time-dependent hierarchical keys. In: Lin, F.-C., Lee, D.-T., Lin, B.-S.P., Shieh, S., Jajodia, S. (eds.) ASIACCS, pp. 223–230. ACM (2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • James Alderman
    • 1
  • Jason Crampton
    • 1
  1. 1.Information Security GroupRoyal Holloway, University of LondonUK

Personalised recommendations