Provably-Secure Time-Bound Hierarchical Key Assignment Schemes

Ateniese, Giuseppe; Santis, Alfredo De; Ferrara, Anna Lisa; Masucci, Barbara

doi:10.1007/s00145-010-9094-6

Cited by 55 publications

(60 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Their aim was to propose a collusion secure scheme. However, later in 2006, Ateniese et al found a two party collusion attack in their scheme. The attack also reflected in a later work proposed by Yeh …”

Section: Discussionmentioning

confidence: 99%

“…We here prove that the proposed scheme is secure against stronger security notion, ie, key i n d i s t i n g u i s h a b i l i t y . Remember that the work of Ateniese et al in 2006 proved that a THKAS is secure against static indistinguishable adversary if and only if it is secure against an adaptive indistinguishable adversary. For the sake of easiness of the proof, we consider the static indistinguishable adversary in our proof model that implies the security against an adaptive indistinguishable adversary.…”

Section: New Schemementioning

confidence: 99%

See 1 more Smart Citation

An efficient and provably secure time‐limited key management scheme for outsourced data

Kumar

Tiwari²,

Zheng

et al. 2018

Concurrency and Computation

View full text Add to dashboard Cite

Summary A time‐limited data access control scheme allows a user's access to the data files only for a specified time period. A cryptographic solution to the time‐limited access control problem is by encrypting each data group associated with a time period with a distinct key. The data is encrypted by the data owner. The respective decryption keys are then distributed to authorized users by the data owner. A user requires one secret decryption key storage for each authorized time period. To reduce the secret key storage with each user, time‐limited hierarchical key management schemes are generally used. Many such schemes are proposed in the recent years. The objective of these schemes is system efficiency and data security. Construction of such schemes become more challenging when data is outsourced to an untrusted third party service provider. In current work, an efficient and secure time‐limited hierarchical key assignment scheme is proposed for key management suitable for data outsourcing scenario. We compare it with the other recent similar schemes. The scheme is formally proved against the modern stronger security notion called key indistinguishability.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: New Schemementioning

confidence: 99%

An efficient and provably secure time‐limited key management scheme for outsourced data

Kumar

Tiwari²,

Zheng

et al. 2018

Concurrency and Computation

View full text Add to dashboard Cite

show abstract

“…Later, Chien 20 applied hash chaining to greatly improve the computational performance. Ateniese et al 21 proposed a formally probably secure scheme in a formal model. Inspired by Chien 20 and Ateniese et al, 21 we propose a range-bound key assignment and apply the technique to reduce the communication overhead of long AV lists.…”

Section: Related Workmentioning

confidence: 99%

An effective approach to solving large communication overhead issue and strengthening the securities of AKA protocols

Chien

2017

Int J Communication

View full text Add to dashboard Cite

SummaryAuthentication and key agreement (AKA) is a challenge-response-like security protocol that uses symmetric-key cryptography to establish authenticated keys between 2 parties. Its application in the third-generation mobile system universal mobile telecommunications system (UMTS) is called UMTS-AKA, and the version applied in the fourth-generation mobile communication system long-term evolution (LTE) is called LTE-AKA. Both UMTS-AKA and LTE-AKA share the same weakness: the network operators need to maintain a large space of authentication vectors for visiting stations, and the transmission of the vectors causes lots of overhead. This weakness will be amplified when there are billions of devices accessing the network in the Internet-of-things scenarios. In addition, these schemes provide only key distribution (not key agreement) and cannot provide session key forward secrecy. In this paper, we propose a range-bound key assignment technique to tackle the challenges. The proposed scheme drastically reduces the communication overhead and greatly strengthens the security robustness. The securities are analyzed and are verified using the AVISPA toolset. | INTRODUCTIONIn the mobile networks such as universal mobile telecommunications system (UMTS) and long-term evolution (LTE), a mobile station (MS) need to establish authenticated keys with the current serving network (SN) via the help of the station's home network (HN). 1-3 The authentication and key agreement (AKA) protocol is one of the most popular authentication protocols adopted in mobile networks. AKA is a challenge-response-like (we will elaborate on this in Section 2) protocol that applies symmetric-key cryptography to establish authenticated keys between 2 parties. Initially, an MS and its HN share some secret keys. When an MS visits an SN, it launches a service request upon which the SN forwards the request to the HN, and the HN returns some authentication vectors (AVs) for the SN to share authenticated session keys with the MS. The long latency between an SN and an HN could incur unbearable communication burden on the authentication process; therefore, the core of both UMTS-AKA 1 and LTE-AKA 2 is to reduce the number of interactions between an SN and an HN. This is achieved by delivering a list of AVs when an SN forwards a request to an HN. Each vector in an AV list consists of (XSQN, RAND, AUTH, XRES, and keying materials) for the SN and the MS to authenticate each other and to derive the same session keys (keying materials). XSQN is an encrypted form of the MS's sequence number (SQN). RAND acts a challenge from the HN. AUTH acts as the HN's response to the MS's request. XRES is the expected response from the MS. Because the HN is not directly involved in the authentication process, the SQN is checked by the MS to ensure the freshness of the corresponding AUTH. This

show abstract

“…Benaloh [8] presented an encryption technique which was originally proposed for concisely sending large number of keys in broadcast situation. We will review briefly its key derivation process here for a concrete description of what are the desirable properties we want to achieve.…”

Section: B Appressed Key In Symmetric Key Encryptionmentioning

confidence: 99%

“…Cryptographic key assignment schemes (e.g. [4], [8]) aim to minimize the cost in managing and storing secret keys for universal cryptographic use. Developing a tree structure for storing keys, a key for a given branch can be utilized for deriving the keys of its descendant nodes.…”

Section: Other Schemesmentioning

confidence: 99%

A review of scalable data sharing techniques for secure cloud storage

Tripathi

Khare

Singh

2015

2015 International Conference on Advances in Computer Engineering and Applications

View full text Add to dashboard Cite

Cloud computing is a technology which supplies a shared pool of configurable IT resources such as network, software and database. Cloud Computing provides the facility of centralized data storage, user can access their data online. Cloud storage is very popular now a days. Data which is stored on clouds should be secure from adversaries. In cloud storage data sharing is an important functionality. Data transfer should be done securely and efficiently with others in cloud computing. In this paper we review different scalable data sharing techniques in cloud storage. To minimize the expense of managing and storing secret keys for general cryptographic use is aim of cryptographic key assignment schemes. For supporting flexible hierarchy in decryption power delegation, a encryption scheme is represented which is basically proposed for concisely transmitting large number of decryption keys in broadcast scenario .To protect data privacy is a central question for cloud storage. We illustrate new public-key encryption scheme, which produces constant-size cipher texts such as efficient delegation decryption rights for any set of cipher texts are possible.

show abstract

Provably-Secure Time-Bound Hierarchical Key Assignment Schemes

Cited by 55 publications

References 37 publications

An efficient and provably secure time‐limited key management scheme for outsourced data

An efficient and provably secure time‐limited key management scheme for outsourced data

An effective approach to solving large communication overhead issue and strengthening the securities of AKA protocols

A review of scalable data sharing techniques for secure cloud storage

Contact Info

Product

Resources

About