Abstract
Since the very beginnings of cryptography many centuries ago, key management has been one of the main challenges in cryptographic research. In case of a group of players wanting to share a common key, many schemes exist in the literature, managing groups where all players are equal or proposing solutions where the group is structured as a hierarchy. This paper presents the first key management scheme suitable for a hierarchy where no central authority is needed and permitting to manage a graph representing the hierarchical group with possibly several roots. This is achieved by using a HMAC and a non-hierarchical group key agreement scheme in an intricate manner and introducing the notion of virtual node.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Akl, S.G., Taylor, P.D.: Cryptographic solution to a problem of access control in a hierarchy. In: ACM (ed.) ACM Trans. Comput. Syst. (TOCS 1983), vol. 1, pp. 239–248 (1983)
Atallah, M.J., Frikken, K.B., Blanton, M.: Dynamic and efficient key management for access hierarchies. In: ACM CCS 2005, pp. 190–202 (2005)
Bellare, M.: New proofs for nmac and hmac. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 602–619. Springer, Heidelberg (2006)
Birget, J., Zou, X., Noubir, G., Ramamurthy, B.: Hierarchy-based access control in distributed environments. In: IEEE International Conference on Communications, vol. 1, pp. 229–233 (2001)
Bresson, E., Chevassut, O., Pointcheval, D.: Provably secure authenticated group diffie-hellman key exchange. ACM Trans. Inf. Syst. Secur. 10(3), 10 (2007)
Chang, C.-C., Lin, I.-C., Tsai, H.-M., Wang, H.-H.: A key assignment scheme for controlling access in partially ordered user hierarchies. In: AINA 2004, p. 376. IEEE Computer Society, Los Alamitos (2004)
Chick, G.C., Tavares, S.E.: Flexible access control with master keys. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 316–322. Springer, Heidelberg (1990)
Chou, J.-S., Lin, C.-H., Lee, T.-Y.: A novel hierarchical key management scheme based on quadratic residues. In: Cao, J., Yang, L.T., Guo, M., Lau, F. (eds.) ISPA 2004. LNCS, vol. 3358, pp. 858–865. Springer, Heidelberg (2004)
Das, M.L., Saxena, A., Gulati, V.P., Phatak, D.B.: Hierarchical key management scheme using polynomial interpolation. SIGOPS 39(1), 40–47 (2005)
De Santis, A., Ferrara, A.L., Masucci, B.: Cryptographic key assignment schemes for any access control policy. Inf. Process. Lett. 92(4), 199–205 (2004)
Desmedt, Y., Lange, T., Burmester, M.: Scalable authenticated tree based group key exchange for ad-hoc groups. In: Dietrich, S., Dhamija, R. (eds.) FC 2007 and USEC 2007. LNCS, vol. 4886, pp. 104–118. Springer, Heidelberg (2007)
Hardjono, T., Zheng, Y., Seberry, J.: New solutions to the problem of access control in a hierarchy. Technical Report Preprint 93-2 (1993)
He, M., Fan, P., Kaderali, F., Yuan, D.: Access key distribution scheme for level-based hierarchy. In: PDCAT 2003, pp. 942–945 (2003)
Katz, J., Yung, M.: Scalable protocols for authenticated group key exchange. J. Cryptol. 20(1), 85–113 (2007)
Kim, Y., Perrig, A., Tsudik, G.: Group key agreement efficient in communication. IEEE Trans. Comput. 53(7), 905–921 (2004)
Kim, Y., Perrig, A., Tsudik, G.: Tree-based group key agreement. ACM Trans. Inf. Syst. Secur. 7(1), 60–96 (2004)
Kuo, F.H., Shen, V.R.L., Chen, T.S., Lai, F.: Cryptographic key assignment scheme for dynamic access control in a user hierarchy. In: IEE Proceedings Computers and Digital Techniques, vol. 146, pp. 235–240 (1999)
Lee, S., Kim, Y., Kim, K., Ryu, D.-H.: An efficient tree-based group key agreement using bilinear map. In: Zhou, J., Yung, M., Han, Y. (eds.) ACNS 2003. LNCS, vol. 2846. Springer, Heidelberg (2003)
Lin, C.-H.: Hierarchical key assignment without public-key cryptography. Computers & Security 20, 612–619 (2001)
Krawczyk, H., Bellare, M., Canetti, R.: Hmac: Keyed-hashing for message authentication. In: RFC 2104 (1997)
MacKinnon, S.J., Taylor, P.D., Meijer, H., Akl, S.G.: An optimal algorithm for assigning cryptographic keys to control access in a hierarchy. IEEE Trans. Comput. 34(9), 797–802 (1985)
Ragab Hassen, H., Bouabdallah, A., Bettahar, H., Challal, Y.: Key management for content access control in a hierarchy. Comput. Netw. 51(11), 3197–3219 (2007)
Ray, I., Narasimhamurthi, N.u.: A cryptographic solution to implement access control in a hierarchy and more. In: SACMAT 2002, pp. 65–73. ACM, New York (2002)
Steiner, M., Tsudik, G., Waidner, M.: Key agreement in dynamic peer groups. IEEE Transactions on Parallel and Distributed Systems 11(8), 769–780 (2000)
Wu, J., Wei, R.: An access control scheme for partially ordered set hierarchy with provable security (2004/295) (2004), http://eprint.iacr.org/
Zhang, Q., Wang, Y.: A centralized key management scheme for hierarchical access control. In: IEEE GLOBECOM 2004, vol. 4, pp. 2067–2071 (2004)
Zheng, Y., Hardjono, T., Pieprzyk, J.: Sibling intractable function families and their applications. In: Matsumoto, T., Imai, H., Rivest, R.L. (eds.) ASIACRYPT 1991. LNCS, vol. 739, pp. 124–138. Springer, Heidelberg (1993)
Zhong, S.: A practical key management scheme for access control in a user hierarchy. Computers & Security 21, 750–759 (2002)
Zou, X., Karandikar, Y., Bertino, E.: A dynamic key management solution to access hierarchy. Int. J. Netw. Manag. 17(6), 437–450 (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Canard, S., Jambert, A. (2008). Group Key Management: From a Non-hierarchical to a Hierarchical Structure. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds) Progress in Cryptology - INDOCRYPT 2008. INDOCRYPT 2008. Lecture Notes in Computer Science, vol 5365. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-89754-5_17
Download citation
DOI: https://doi.org/10.1007/978-3-540-89754-5_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-89753-8
Online ISBN: 978-3-540-89754-5
eBook Packages: Computer ScienceComputer Science (R0)