The access control problem in a hierarchy can be solved by using a hierarchical key assignment scheme, where each class is assigned an encryption key and some private information. A formal security analysis for hierarchical key assignment schemes has been traditionally considered in two different settings, i.e., the unconditionally secure and the computationally secure setting, and with respect to two different notions: security against key recovery (KR-security) and security with respect to key indistinguishability (KI-security), with the latter notion being cryptographically stronger. Recently, Freire, Paterson and Poettering proposed strong key indistinguishability (SKI-security) as a new security notion in the computationally secure setting, arguing that SKI-security is strictly stronger than KI-security in such a setting. In this paper we consider the unconditionally secure setting for hierarchical key assignment schemes. In such a setting the security of the schemes is not based on specific unproven computational assumptions, i.e., it relies on the theoretical impossibility of breaking them, despite the computational power of an adversary coalition. We prove that, in this setting, SKI-security is not stronger than KI-security, i.e., the two notions are fully equivalent from an information-theoretic point of view.

On the equivalence of two security notions for hierarchical key assignment schemes in the unconditional setting

MASUCCI, Barbara
2015

Abstract

The access control problem in a hierarchy can be solved by using a hierarchical key assignment scheme, where each class is assigned an encryption key and some private information. A formal security analysis for hierarchical key assignment schemes has been traditionally considered in two different settings, i.e., the unconditionally secure and the computationally secure setting, and with respect to two different notions: security against key recovery (KR-security) and security with respect to key indistinguishability (KI-security), with the latter notion being cryptographically stronger. Recently, Freire, Paterson and Poettering proposed strong key indistinguishability (SKI-security) as a new security notion in the computationally secure setting, arguing that SKI-security is strictly stronger than KI-security in such a setting. In this paper we consider the unconditionally secure setting for hierarchical key assignment schemes. In such a setting the security of the schemes is not based on specific unproven computational assumptions, i.e., it relies on the theoretical impossibility of breaking them, despite the computational power of an adversary coalition. We prove that, in this setting, SKI-security is not stronger than KI-security, i.e., the two notions are fully equivalent from an information-theoretic point of view.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/11386/4663136
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 9
  • ???jsp.display-item.citation.isi??? 7
social impact