3 research outputs found
Cryptographic enforcement of information flow policies without public information via tree partitions
We may enforce an information flow policy by encrypting a protected resource
and ensuring that only users authorized by the policy are able to decrypt the
resource. In most schemes in the literature that use symmetric cryptographic
primitives, each user is assigned a single secret and derives decryption keys
using this secret and publicly available information. Recent work has
challenged this approach by developing schemes, based on a chain partition of
the information flow policy, that do not require public information for key
derivation, the trade-off being that a user may need to be assigned more than
one secret. In general, many different chain partitions exist for the same
policy and, until now, it was not known how to compute an appropriate one.
In this paper, we introduce the notion of a tree partition, of which chain
partitions are a special case. We show how a tree partition may be used to
define a cryptographic enforcement scheme and prove that such schemes can be
instantiated in such a way as to preserve the strongest security properties
known for cryptographic enforcement schemes. We establish a number of results
linking the amount of secret material that needs to be distributed to users
with a weighted acyclic graph derived from the tree partition. These results
enable us to develop efficient algorithms for deriving tree and chain
partitions that minimize the amount of secret material that needs to be
distributed.
Comment: Extended version of conference papers from ACNS 2015 and DBSec 201
Key Indistinguishability vs. Strong Key Indistinguishability for Hierarchical Key Assignment Schemes
A hierarchical key assignment scheme is a method to assign some private information and encryption keys to a set of classes in a partially ordered hierarchy, in such a way that the private information of a higher class can be used to derive the keys of all classes lower down in the hierarchy.
In this paper we analyze the security of hierarchical key assignment schemes according to different notions: security with respect to key indistinguishability and against key recovery, as well as the two recently proposed notions of security with respect to strong key indistinguishability and against strong key recovery. We first explore the relations between all security notions and, in particular, we prove that security with respect to strong key indistinguishability is not stronger than the one with respect to key indistinguishability. Afterwards, we propose a general construction yielding a hierarchical key assignment scheme offering security against strong key recovery, given any hierarchical key assignment scheme which guarantees security against key recovery.
Provably Secure Key Assignment Schemes from Factoring
We provide constructions for key assignment schemes that are provably secure under the factoring assumption in the standard model. Our first construction is for simple “chain” hierarchies, and achieves security against key recovery attacks with a tight reduction from the problem of factoring integers of a special form. Our second construction applies for general hierarchies, achieves the stronger notion of key indistinguishability, and has security based on the hardness of factoring Blum integers. We compare our constructions to previous schemes, in terms of security and efficiency.