A new key assignment scheme for enforcing complicated access control policies in hierarchy

A new key assignment scheme for enforcing complicated access control policies in hierarchy. Authors: Iuon-Chang Lin, Min-Shiang Hwang and C. C. Chang Source: Future Generation Computer Systems, Vol.19, pp.457-462, 2003. Adviser: Min-Shiang Hwang Speaker: Chun-Ta Li Date: 2004/11/18.

Presentation Transcript
A new key assignment scheme for enforcing complicated access control policies in hierarchy

Authors: Iuon-Chang Lin, Min-Shiang Hwang and C. C. Chang

Source: Future Generation Computer Systems, Vol.19, pp.457-462, 2003.

Adviser: Min-Shiang Hwang

Speaker: Chun-Ta Li

Date: 2004/11/18


Cryptanalysis of YCN key assignment scheme in a hierarchy

Authors: Min-Shiang Hwang

Source: Information Processing Letters, Vol.73, pp.97-101, 2000.


Modifying YCN Key Assignment Scheme against Hwang’s Attack

Authors: Jyh-Haw Yeh, Min-Shiang Hwang and Wen-Chen Hu

Preprint submitted to Elsevier Science 5 November 2004


Introduction

  • Access control policy – access control problem in a hierarchy

  • Key management problem

[Figure: hierarchy of user classes C1 to C6, each holding its own key Key1 to Key6; the top class C1 additionally holds Key2 to Key6]


Introduction (cont.)

  • Akl and Taylor [1983]

    • Super-key (top-down)

      • CA assigns to each user class {prime, secret key, public parameter}

      • A higher class Cj can derive the secret key of a lower class Ci

Large public parameter

Secret key and Public parameter of Ci and Cj

Product of the primes of Ci


Introduction (cont.)

Large amount of storage to store public parameters

  • Mackinnon et al. [1985] – canonical assignment

    • Reduce the values of public parameters

  • Harn and Lin [1990] – (bottom-up)

    • Security: difficulty of factoring a large number

    • Size of the storage space is much smaller

  • Yeh et al. [1998] – YCN scheme

    • transitive exceptions

    • anti-symmetrical arrangements

  • Hwang [2000] – YCN is insecure

    • Several user classes can collaborate to derive the derivation and encryption keys


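Original YCN Scheme

  • CA

    • Generates secret number K0

    • Generates M (product of two large prime numbers)

    • Assigns a prime number Pi to each user class Ci

    • Computes the product Xi for Ci

[Figure: hierarchy of user classes C1 to C6 connected by arrows]

Figure annotations:

  • The nodes that can be reached by following the arrows, excluding adjacent nodes

  • Multiply together the Pij values of the nodes that can reach node i by following the arrows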


Original YCN Scheme (cont.)

Pm = 7

C1

Prime values of the nodes that cannot be reached by following the arrows

Pn4 = Ø

  • Compute the public information Tie and Tid for Ci

Pn1 = Ø

Pm = 2

Pm = 2,7

C4

C2

P42= 31

Pm = 2,3,7,11,13

Ancestor nodes other than the adjacent nodes

P13,43,53 = 17,37,43

C3

C5

Pm = 2,7

P15 = 19

C6

Pm = 2,3,5,7,11

P16,26,46 = 23,29,41


Original YCN Scheme (cont.)

  • Assign the derivation key $K_{id}$ and encryption key $K_{ie}$ for each $C_i$

  • $C_i$ can use its own derivation key $K_{id}$ to derive the encryption key $K_{je}$ of $C_j$

kept secret by the user class $C_i$

  • C2 derives C3’s encryption key $K_{3e}$:

    $K_{3e} = K_0^{2 \cdot 3 \cdot 7 \cdot 11 \cdot 13 \cdot 19 \cdot 23 \cdot 29 \cdot 31 \cdot 41} \bmod M$

    $= \left(K_0^{2 \cdot 7 \cdot 29}\right)^{(2 \cdot 3 \cdot 7 \cdot 11 \cdot 13 \cdot 19 \cdot 23 \cdot 29 \cdot 31 \cdot 41)/(2 \cdot 7 \cdot 29)} \bmod M$

[Figure: hierarchy of user classes C1 to C6]


The Weakness of the YCN Scheme

Theorem 1. Assume that there are only two top classes (Ca and Cb) in the hierarchy. Ca and Cb can collaborate to derive the derivation and encryption keys of all of the classes in the YCN scheme.

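  • $\gcd(T_{ad}, T_{bd}) = 1$

  • $sT_{ad} + tT_{bd} = 1$

  • Ca and Cb can collaborate to derive the secret $K_0$

    $K_{ad}^{s} K_{bd}^{t} = (K_0)^{sT_{ad}} (K_0)^{tT_{bd}} \bmod M$

    $= (K_0)^{sT_{ad} + tT_{bd}} \bmod M$

    $= K_0$

  • $\gcd(T_{1d}, T_{4d}) = \gcd(52003, 94054) = 1$

  • $(s, t) = (76107, -42080)$ such that $sT_{1d} + tT_{4d} = 1$

    $K_{1d}^{s} K_{4d}^{t} = (K_0)^{sT_{1d}} (K_0)^{tT_{4d}} \bmod M$

    $= (K_0)^{(76107 \cdot 52003) - (42080 \cdot 94054)} \bmod M$

    $= K_0$

[Figure: hierarchy of user classes C1 to C6, with the labels $T_{1d} = 7 \cdot 17 \cdot 19 \cdot 23$ and $T_{4d} = 2 \cdot 31 \cdot 37 \cdot 41$]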


The Weakness of the YCN Scheme (cont.)

Theorem 2. If C1,C2,…, and Cn are n top classes in the hierarchy, any two of these classes (e.g., C1 and C2) can collaborate to derive the derivation and encryption keys of all successors of these top classes.

  • C1 and C2 derive the derivation and encryption keys of C6

    • $\gcd(T_{1d}, T_{2d}) = 7$

    • $s(T_{1d}/7) + t(T_{2d}/7) = 1$

    • C1 and C2 can collaborate to derive the secret $(K_0)^{7}$

      $\left((K_{1d})^{s} (K_{2d})^{t}\right)^{T_{6d}/7} \bmod M$

      $= \left((K_0)^{sT_{1d}} (K_0)^{tT_{2d}}\right)^{T_{6d}/7} \bmod M$

      $= (K_0)^{T_{6d}} \bmod M$

      $= K_{6d}$

  • C5 and C6 derive the derivation and encryption keys of C3

    • $\gcd(T_{5d}, T_{6d}) = 2 \cdot 7 = 14$

    • $s(T_{5d}/14) + t(T_{6d}/14) = 1$

    • C5 and C6 can collaborate to derive the secret $(K_0)^{14}$

      $\left((K_{5d})^{s} (K_{6d})^{t}\right)^{T_{3d}/14} \bmod M$

      $= \left((K_0)^{sT_{5d}} (K_0)^{tT_{6d}}\right)^{T_{3d}/14} \bmod M$

      $= (K_0)^{T_{3d}} \bmod M$

      $= K_{3d}$

[Figure: hierarchy of user classes C1 to C6, with the labels $(K_0)^{7}$ and $(K_0)^{14}$]
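The collaboration in Theorems 1 and 2, worked through as an added example (not code from the slides or the cited papers). The modulus M, the secret K0 and the exponents in the second case are constructed toy values; only 52003 and 94054 are taken from the slide.

```python
# Added illustration with toy parameters (constructed; far too small for real use).

def ext_gcd(a, b):
    """Return (g, s, t) with s*a + t*b == g == gcd(a, b)."""
    old_r, r, old_s, s, old_t, t = a, b, 1, 0, 0, 1
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        old_t, t = t, old_t - q * t
    return old_r, old_s, old_t


def collude(K_a, T_a, K_b, T_b, M):
    """From K_a = K0^T_a and K_b = K0^T_b (mod M), return (g, K0^g mod M)."""
    g, s, t = ext_gcd(T_a, T_b)
    # One of s, t is negative; pow() then uses the modular inverse
    # (Python 3.8+), which exists because the keys are coprime to M.
    return g, (pow(K_a, s, M) * pow(K_b, t, M)) % M


def derive_from_power(K0_g, g, T_target, M):
    """Raise K0^g to T_target/g; only possible when g divides T_target."""
    if T_target % g:
        raise ValueError("gcd does not divide the target exponent")
    return pow(K0_g, T_target // g, M)


# Constructed toy modulus and CA secret (assumptions, not from the slides).
M = 10007 * 10009
K0 = 123456


def theorem1_case():
    # T1d and T4d are the slide's values: gcd is 1, so K0 itself falls out.
    T1d, T4d = 52003, 94054
    return collude(pow(K0, T1d, M), T1d, pow(K0, T4d, M), T4d, M)


def theorem2_case():
    # Constructed exponents sharing the factor 7, mirroring gcd(T1d, T2d) = 7.
    T_a, T_b, T_target = 7 * 17 * 19, 7 * 23 * 29, 7 * 31 * 37
    g, K0_g = collude(pow(K0, T_a, M), T_a, pow(K0, T_b, M), T_b, M)
    return g, derive_from_power(K0_g, g, T_target, M), pow(K0, T_target, M)
```

The same gcd computation over the published T values is a quick audit for any exponent-based key assignment: a pair of classes whose exponents have a gcd that divides a third class's exponent can reach that class's key regardless of the policy.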


The Modified YCN Scheme

  • CA

    • Generates secret number K0

    • Generates M (product of two large prime numbers)

    • Assigns a prime number Pi to each user class Ci

    • Computes the product Pi' for Ci

[Figure: hierarchy of user classes C1 to C6]


The Modified YCN Scheme (cont.)

  • CA computes the public information Tid and Tie

[Figure: hierarchy of user classes C1 to C6, annotated with the prime factors that make up Tid and Tie for each class]


The Modified YCN Scheme (cont.)

  • CA assigns a derivation key $K_{id} = (K_0)^{T_{id}} \bmod M$ and an encryption key $K_{ie} = (K_0)^{T_{ie}} \bmod M$

  • A class $C_i$ can apply a key derivation function $f_{il}(x,y)$ to derive another class $C_l$’s key (x and y could be either the character d or e)

    • $f_{il}(x,y) = (K_{ix})^{T_{ly}/T_{ix}} = \left((K_0)^{T_{ix}}\right)^{T_{ly}/T_{ix}} = (K_0)^{T_{ly}} \bmod M = K_{ly}$


The Modified YCN Scheme (cont.)

  • Theorem 1. Under the modified YCN key assignment scheme, Tid|Tle if and only if the policy allows Ci to access Cl, i.e., (Ci,Cl) .

  • Theorem 2. If the policy does not allow any class Cik to access Cl, i.e., , then both Tld and Tle are not multiples of Y under the modified YCN scheme, where .

  • Theorem 3. If there is a transitive exception Ci Cl with an intermediate class Ck, i.e., Ci(Ck), then Tid Tkd and Tke Tld under the modified YCN scheme.


A New Key Assignment Scheme

  • CA generates two large primes: p and q

  • CA calculates n = p*q, where n is public

  • CA chooses another parameter, g

  • CA chooses a set of distinct primes {e1,e2,…,em} for all user classes {C1,C2,…,Cm}, where $\gcd(\phi(n), e_i) = 1$ and $1 < e_i < \phi(n)$

  • CA calculates {d1,d2,…,dm}, where $e_i \times d_i \equiv 1 \pmod{\phi(n)}$


A New Key Assignment Scheme (cont.)

  • CA generates the derivation keys {DK1,DK2,…,DKm} and the secret keys {SK1,SK2,…,SKm} for all user classes {C1,C2,…,Cm}

  • Ci can derive the secret key of class Cj with the derivation key DKi as follows:


A New Key Assignment Scheme (cont.)

  • Example

    • CA calculates the derivation keys and the secret keys

      • C1: $DK_1 = g^{d_2 d_4} \bmod n$, $SK_1 = g^{d_1} \bmod n$

      • C2: $DK_2 = g^{d_3 d_4} \bmod n$, $SK_2 = g^{d_2} \bmod n$

      • C3: $DK_3 = \text{null}$, $SK_3 = g^{d_3} \bmod n$

      • C4: $DK_4 = g^{d_2} \bmod n$, $SK_4 = g^{d_4} \bmod n$

    • C1 derives the secret keys $SK_2$ and $SK_4$

      • $SK_2 = DK_1^{e_4} \bmod n$

      • $SK_4 = DK_1^{e_2} \bmod n$
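The four-class example above, run end to end with toy numbers as an added example (not code from the slides or the paper). The primes p, q, the base g and the e values are constructed assumptions. The general rule in derive_secret_key (raise DK to every e_k except the target's) is inferred from the slide's two-target case, which it reproduces.

```python
from math import gcd


def ca_setup(p, q, e):
    """Return (n, d) where e_i * d_i ≡ 1 (mod φ(n)) for every class i."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = {}
    for cls, e_i in e.items():
        if not (1 < e_i < phi and gcd(phi, e_i) == 1):
            raise ValueError(f"e for class {cls} is not valid")
        d[cls] = pow(e_i, -1, phi)  # modular inverse, Python 3.8+
    return n, d


def assign_keys(n, g, d, policy):
    """SK_i = g^(d_i) mod n; DK_i = g^(product of d_j for j in policy[i]) mod n."""
    SK = {cls: pow(g, d_i, n) for cls, d_i in d.items()}
    DK = {}
    for cls, targets in policy.items():
        exponent = 1
        for j in targets:
            exponent *= d[j]
        DK[cls] = pow(g, exponent, n) if targets else None  # None is "null"
    return DK, SK


def derive_secret_key(DK_i, targets, j, e, n):
    """Cancel every d_k except d_j in DK_i by raising it to e_k for k != j."""
    if j not in targets:
        # DK_i carries no factor d_j, so no public exponent can produce SK_j.
        raise PermissionError("target class is not covered by this derivation key")
    exponent = 1
    for k in targets:
        if k != j:
            exponent *= e[k]
    return pow(DK_i, exponent, n)


# Constructed toy parameters (assumptions); POLICY is the slide's example:
# C1 -> C2, C4; C2 -> C3, C4; C3 -> nobody; C4 -> C2.
P, Q, G = 1019, 1031, 2
E = {1: 3, 2: 7, 3: 11, 4: 13}
POLICY = {1: (2, 4), 2: (3, 4), 3: (), 4: (2,)}
N, D = ca_setup(P, Q, E)
DK, SK = assign_keys(N, G, D, POLICY)
```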


Thanks for your attention


Example

  • transitive exceptions

    • C1 can access C2 and C2 can access C3

    • But C1 cannot access C3

  • anti-symmetrical arrangements

    • C2 can access C4 and C4 can access C2

    • But C2 and C4 are two different user classes