A new cryptographic key assignment scheme with time-constraint access control in a hierarchy

摘要

The hierarchical cryptographic key assignment is used to assign cryptographic keys to a set of partially ordered classes so that the user in a higher class can derive the cryptographic key for users in a lower class.However,the existing secure schemes for the cryptographic key assignment in a hierarchy do not consider the situation that a user may be in a class for only a period of time.If a user resigned from his class c_i and he premeditatedly eavesdrops on data transmissinos,then he can also decrypt the data in class c_j if and only if the class c_j is lower than the class c_i.Thus, all messages are likely to be compromised during the span of the system.In this paper,we propose a new cryptographic key assignment scheme with time-constraint in which the cryptographic keys of a class are different for each time period.Our goal is to minimize the potential damages over a public network.Once the time period is expired,the cryptographic keys' owner cannot access any subsequent class keys.Therefore,as a user resigned from his class premeditatedly eavesdrops on later messages,he cannot then decrypt the message with his old keys.Moreover,in the proposed method,the key generation and key derivation are quite simple, and the number of the public/secret parameters for each authenticated user is fixed and small which differs from most previously proposed schemes.Hence,it is very appropriate to communicate securely over an open network.