Cryptographic Enforcement of Access Control while Mitigating Key Sharing

Keith B. Frikken

doi:10.5220/0004042602450250

Cryptographic Enforcement of Access Control while Mitigating Key Sharing

Keith B. Frikken

2012

Abstract

In this paper, we consider the well-studied problem of cryptographic enforcement of hierarchical-based access control. While this problem is well-studied, a significant drawback to prior approaches is that if a corrupt user shares his key, then any user can access the content of the corrupt user. This is particularly damaging since it is not possible to determine the identity of the corrupt user, and almost all previous schemes require some rekeying in order to revoke a key. To mitigate this key sharing attack, we propose a new model for cryptographic enforcement: Identity-based key management (IBKM). In this framework, each key is associated with an identity and this identity is required to access content. This allows the system to trace the source of key leakage and to revoke users without rekeying. The main disadvantage of this framework is the scheme does not have the ability to provide anonymous access, but it can be used to provide pseudonymous access. The main contributions of this paper are formal definitions for IBKM and schemes for achieving IBKM.

Download

Paper Citation

in Harvard Style

B. Frikken K. (2012). Cryptographic Enforcement of Access Control while Mitigating Key Sharing . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012) ISBN 978-989-8565-24-2, pages 245-250. DOI: 10.5220/0004042602450250

in Bibtex Style

@conference{secrypt12,
author={Keith B. Frikken},
title={Cryptographic Enforcement of Access Control while Mitigating Key Sharing},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)},
year={2012},
pages={245-250},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004042602450250},
isbn={978-989-8565-24-2},
}

in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2012)
TI - Cryptographic Enforcement of Access Control while Mitigating Key Sharing
SN - 978-989-8565-24-2
AU - B. Frikken K.
PY - 2012
SP - 245
EP - 250
DO - 10.5220/0004042602450250