A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy
January/February 2002 (vol. 14 no. 1)
pp. 182-188

Abstract—The cryptographic key assignment problem is to assign cryptographic keys to a set of partially ordered classes so that the cryptographic key of a higher class can be used to derive the cryptographic key of a lower class. In this paper, we propose a time-bound cryptographic key assignment scheme in which the cryptographic keys of a class are different for each time period, that is, the cryptographic key of class $C_i$ at time $t$ is $K_{i,t}$. Key derivation is constrained not only by the class relation, but also by the time period. In our scheme, each user holds some secret parameters whose number is independent of the number of classes in the hierarchy and the total number of time periods. We present two novel applications of our scheme. One is to broadcast data to authorized users in a multilevel-security way and the other is to construct a flexible cryptographic key backup system.


Index Terms:
access control, cryptographic key assignment, secure broadcasting, cryptographic key backup
W.G. Tzeng, "A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy," IEEE Transactions on Knowledge and Data Engineering, vol. 14, no. 1, pp. 182-188, Jan.-Feb. 2002, doi:10.1109/69.979981