This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Merging: An Efficient Solution for a Time-Bound Hierarchical Key Assignment Scheme
January-March 2006 (vol. 3 no. 1)
pp. 91-100
Conventional hierarchical key assignment schemes have not been concerned with a practical situation: Users might be assigned to a class for only a period of time. When a user leaves a class, the keys of that class and all the descendent classes must be renewed. For applications where the privileges of users change frequently or where there are many users, the communication load for key redistributions is very large. Recently, Tzeng [9] proposed a time-bound hierarchical key assignment scheme to address this issue. However, Tzeng's scheme was very complex and suffered from a collusion attack. In this paper, we propose an efficient time-bound scheme based on a technique called merging. The idea behind merging is to consider primitive keys instead of hierarchies. It is conceptually like the compression used in source coding. Through this technique, it is feasible to combine multiple keys into an aggregate key. Thus, communication and storage requirements are greatly reduced. This technique can also be used for an alternative implementation of Akl-Taylor's scheme. Moreover, it can be used to construct a systematic approach for adjusting hierarchies in Akl--Taylor's scheme as well. Through the insights gained from these exercises, we may see that some problems that are usually addressed by the conventional key assignment schemes can be solved directly via merging, with better performance. Furthermore, if other suitable merging functions are found in the future, new secure hierarchical key assignment schemes and time-bound schemes will be obtained accordingly.

[1] S.G. Akl and P.D. Taylor, “Cryptographic Solution to a Problem of Access Control in a Hierarchy,” ACM Trans. Computer Systems, vol. 1, no. 3, pp. 239-248, 1983.
[2] S.J. Mackinnon, P.D. Taylor, H. Meijer, and S.G. Akl, “An Optimal Algorithm for Assigning Cryptographic Keys to Control Access in a Hierarchy,” IEEE Trans. Computers, vol. 34, no. 9, pp. 797-802, Sept. 1985.
[3] R.L. Rivest, A. Shamir, and L. Adleman, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems,” Comm. ACM, vol. 21, no. 2, pp. 120-126, Feb. 1978.
[4] R.S. Sandhu, “Cryptographic Implementation of a Tree Hierarchy for Access Control,” Information Processing Letters, no. 27, pp. 95-98, 1988.
[5] C.S. Laih and T.L. Hwang, ”A Branch Oriented Key Management Solution to Dynamic Access Control in a Hierarchy,” Proc. IEEE Symp. Applied Computing, pp. 422-429, 1991.
[6] L. Harn and H.Y. Lin, “A Cryptographic Key Generation Scheme for Multilevel Data Security,” Computers and Security, vol. 9, no. 6, pp. 539-546, 1990.
[7] C.H. Lin, “Hierarchical Key Assignment without Public-Key Cryptography,” Computers and Security, vol. 20, no. 7, pp. 612-619, 2001.
[8] M.S. Hwang, “Extension of CHW Cryptographic Key Assignment Scheme in a Hierarchy,” IEE Proc. Computers and Digital Techniques, vol. 146, no. 4, July 1999.
[9] W.G. Tzeng, “A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy,” IEEE Trans. Knowledge and Data Eng., vol. 14, no. 1, pp. 182-188, Jan./Feb. 2002.
[10] D.H. Lehmer, “An Extended Theory of Lucas Functions,” Annals Math., vol. 31, pp. 419-448, 1930.
[11] H.Y. Chien, “Efficient Time-Bound Hierarchical Key Assignment Scheme,” IEEE Trans. Knowledge and Data Eng., vol. 16, no. 10, pp. 1301-1304, Oct. 2004.
[12] X. Yi and Y. Ye, “Security of Tzeng's Time-Bound Key Assignment Scheme for Access Control in a Hierarchy,” IEEE Trans. Knowledge and Data Eng., vol. 15, no. 4, pp. 1054-1055, July/Aug. 2003.
[13] S.Y. Wang and C.S. Laih, “Cryptanalysis of Chien's Time-Bound Hierarchical Key Assignment Scheme,” IEEE Trans. Knowledge and Data Eng., submitted for publication.
[14] D.E. Knuth, The Art of Computer Programming, vol. 2. Reading, Mass.: Addison-Wesley, 1981.
[15] R.E. Blahut, Principles and Practice of Information Theory. Addison-Wesley, 1991.
[16] R. Stanley, Enumerative Combinatorics, vol. 1. Wadsworth and Brooks/Cole, 1986.
[17] Nat'l Inst. of Standards and Technology (NIST). FIPS Publication 46-1: Data Encryption Standard. 22 Jan. 1988.

Index Terms:
Access control, key management, cryptography.
Citation:
Shyh-Yih Wang, Chi-Sung Laih, "Merging: An Efficient Solution for a Time-Bound Hierarchical Key Assignment Scheme," IEEE Transactions on Dependable and Secure Computing, vol. 3, no. 1, pp. 91-100, Jan.-March 2006, doi:10.1109/TDSC.2006.15
Usage of this product signifies your acceptance of the Terms of Use.