Cryptanalyses and improvements of two cryptographic key assignment schemes for dynamic access control in a user hierarchy

Recently, Wu and Chang and Shen and Chen separately proposed a cryptographic key assignment scheme for solving access control problem in a partially ordered user hierarchy. However, this paper will show the security leaks inherent in both schemes based on polynomial interpolations. That is, the users can have access to the information items held by others without following the predefined partially ordered relation. Finally, we proposed two improvements to eliminate such security flaws.

In this section, we will brief review the Wu-Chang scheme [1] and the Shen-Chen scheme [2], respectively. Both schemes are divided into the key generation and the key derivation stages as described below.

The Wu-Chang scheme

Let C = {C 1 , C 2 , …, C n } be a set of n security classes in the hierarchy and the notation "≤" denote a binary partially ordered relation on C.

Cryptanalyses and improvements of two cryptographic key assignment schemes for dynamic access control in a user hierarchy