Abstract
A popular cryptographic option to implement Hierarchical Access Control in organizations is to combine a key assignment scheme with a symmetric encryption scheme. In brief, key assignment associates with each object in the hierarchy a unique symmetric key, and provides all higher-ranked “authorized” subjects with a method to recover it. This setup allows for encrypting the payloads associated with the objects so that they can be accessed by the authorized and remain inaccessible for the unauthorized. Both key assignment and symmetric encryption have been researched for roughly four decades now, and a plethora of efficient constructions have been the result. Surprisingly, a treatment of the joint primitive (key assignment combined with encryption, as used in practice) in the framework of provable security was conducted only very recently, leading to a publication in ToSC 2018(4). We first carefully revisit this publication. We then argue that there are actually two standard use cases for the combined primitive, which also require individual treatment. We correspondingly propose a fresh set of security models and provably secure constructions for each of them. Perhaps surprisingly, the two constructions call for different symmetric encryption primitives: While standard AEAD is the right tool for the one, we identify a less common tool called Encryptment as best fitting the other.
Highlights
Access control is the protection of resources against access by unauthorized entities [Shi07]
The ordered set defined by the information flow policy (IFP) can be represented as a hierarchy, we will refer to Hierarchical Access Control (HAC) in this paper
Kandele and Paul (KP) assume that HAC should be implemented from key assignment scheme (KAS) by KASderiving a key and using the latter with authenticated encryption (AE) [KP18a, p. 151]
Summary
Access control is the protection of resources (objects) against access by unauthorized entities (users) [Shi07]. The classical example is government documents that can be labelled from ‘Top Secret’ to ‘Unclassified’ and a civil servant would need a high enough security clearance to access these documents. A key assignment scheme (KAS) is a mechanism to cryptographically enforce an information flow policy, first proposed by Akl and Taylor [AT83] With such a mechanism each clearance level is associated with some unique private information. Received: 2019-11-23, Revised: 2020-03-02, Accepted: 2020-05-01, Published: 2020-07-24 their private information to derive symmetric encryption keys assigned to all objects lower in the hierarchy These symmetric keys can subsequently be used to decrypt objects, ensuring that only authorized users, i.e. those who can derive the correct key, will be able to decrypt and access the object. In this article we will focus on the combined primitive of key assignment schemes and encryption, as it would be used in practice
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
