Cryptanalysis and improvement of an access control in user hierarchy based on elliptic curve cryptosystem
- 作者:Ashok Kumar Dasa ; iitkgp.akdas@gmail.com ; ashok.das@iiit.ac.in ; Nayan Ranjan Paulb ; nayan.p@kmbb.in ; Laxminath Tripathyc ; laxmintripathy@gmail.com
- 关键词:Key management ; Elliptic curve ; Hierarchical access control ; Polynomial interpolation ; Security ; Exterior root finding attacks
- 刊名:Information Sciences
- 出版年:2012
- 期刊代码:62_00200255
- 类别:cp
- 出版时间:20 November, 2012
- 卷:209
- 期:Complete
- 页码:80-92
- 文件大小:294 K
摘要
In a key management scheme for hierarchy based access control, each security class having higher clearance can derive the cryptographic secret keys of its other security classes having lower clearances. In 2008, Chung et al. proposed an efficient scheme on access control in user hierarchy based on elliptic curve cryptosystem [Information Sciences 178 (1) (2008) 230-243]. Their scheme provides solution of key management efficiently for dynamic access problems. However, in this paper, we propose an attack on Chung et al.鈥檚 scheme to show that Chung et al.鈥檚 scheme is insecure against the exterior root finding attack. We show that under this attack, an attacker (adversary) who is not a user in any security class in a user hierarchy attempts to derive the secret key of a security class by using the root finding algorithm. In order to remedy this attack, we further propose a simple improvement on Chung et al.鈥檚 scheme. Overall, the main theme of this paper is very simple: a security flaw is presented on Chung et al.鈥檚 scheme and then a fix is provided in order to remedy the security flaw found in Chung et al.鈥檚 scheme.