A secure effective key management scheme for dynamic access control in a large leaf class hierarchy

Odelu, Vanga; Das, Ashok Kumar; Goswami, Adrijit

doi:10.1016/j.ins.2013.10.022

Cited by 49 publications

(31 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We use the proof of the formal security by the method of contradiction as in [7]. We follow the similar analysis as in [11,14,15,27], [28]. Note that one can also prove the formal security in the standard model.…”

Section: Formal Security Analysismentioning

confidence: 99%

See 1 more Smart Citation

A Secure and Efficient User Anonymity-Preserving Three-Factor Authentication Protocol for Large-Scale Distributed Wireless Sensor Networks

Das

2015

Wireless Pers Commun

Self Cite

View full text Add to dashboard Cite

Critical applications in wireless sensor network (WSN) are real-time based applications. Therefore, users are generally interested in accessing real-time information. This is possible, if the users (called the external parties) are allowed to access the real-time data directly from the sensor nodes inside WSN and not from the base station. The sensory information from nodes are gathered periodically by the base station and so, the gathered information may not be real-time. In order to get the real-time information from the sensor nodes, the user needs to be first authorized to the sensor nodes as well as the base station so that the illegal access to nodes do not happen. In this paper, we propose a novel three-factor user authentication scheme suited for distributed WSNs. Our scheme is light-weight, because it only requires the efficient cryptographic hash function, and symmetric key encryption and decryption operations. Further, our scheme is secure against different known attacks which are proved through the rigorous informal and formal security analysis. In addition, we simulate our scheme for the formal security verification using Automated Validation of Internet Security Protocols and Applications tool. The simulation results clearly demonstrate that our scheme is secure against passive and active adversaries.

show abstract

Section: Formal Security Analysismentioning

confidence: 99%

“…Proof We follow the proof of this theorem similar to that in [11,14,15,27,28]. We need to construct an adversary A who will have the ability to derive the identity ID i of a legal user U i and the secret information X s of the BS.…”

Section: Theorem 1 Under the Assumption That A One-way Hash Function mentioning

confidence: 99%

A Secure and Efficient User Anonymity-Preserving Three-Factor Authentication Protocol for Large-Scale Distributed Wireless Sensor Networks

Das

2015

Wireless Pers Commun

Self Cite

View full text Add to dashboard Cite

show abstract

“…In the following definition, we define IND-CPA in single and multiple eavesdropper setting [11,14,15].…”

Section: Symmetric-key Encryption Scheme X and Ind-cpamentioning

confidence: 99%

“…We use the proof of the formal security by the method of contradiction as in [28]. We follow the similar analysis as in [9,15]. Note that one can also prove the formal security in the standard model.…”

Section: Formal Security Analysismentioning

confidence: 99%

See 1 more Smart Citation

DMAMA: Dynamic Migration Access Control Mechanism for Mobile Agents in Distributed Networks

Odelu

Das

Goswami

2015

Wireless Pers Commun

Self Cite

View full text Add to dashboard Cite

In real-life applications, ensuring secure transmission of data over public network channels to prevent malicious eavesdropping of the data is an important issue in distributed network environment. There are several potential security risks in protecting data and providing access control over the data. It is a challenging problem to manage dynamically the access rights to the resources and protect them from unauthorized access. Several migration access control mechanisms have been proposed in the literature using hierarchical structure to manage the cryptographic keys to prevent from unauthorized access of resources. However, most of them suffer from some known attacks and they do not efficiently support all required dynamic properties for mobile agent environment. Since, in practical scenarios, from time to time changing of decryption key of a confidential file provides maximum security for the system, it affects significantly the performance of the key management mechanism. In this paper, we propose a novel dynamic migration access control mechanism for the mobile agents (DMAMA) in a distributed network environment using symmetric-key cryptosystem. Further, we provide an elliptic curve cryptography based signature (El-Gamal type) on the decryption key assigned to the confidential file to avoid unauthorized modifications by an attacker. Moreover, DMAMA provides an efficient solution to the dynamic property such as changing decryption key of a confidential file, whereas other schemes do not provide. In addition, DMAMA is efficient in computation and storage overheads as compared to the other related existing schemes. Through the informal and formal security analysis, we show that DMAMA is secure against possible known attacks including man-in-the-middle attack as well as DMAMA provides backward secrecy to the decryption key of a confidential file when adding a new node or creating a new relationship in the existing hierarchy. As a result, higher security, low computational and storage overheads along with efficient access control properties make DMAMA more suitable for practical applications compared to the other related schemes.

show abstract

Efficient dynamic key‐aggregate cryptosystem for secure and flexible data sharing

Pareek

Maiti

2022

Concurrency and Computation

View full text Add to dashboard Cite

Summary Secure and efficient enforcement of dynamic access control policies on shared data is a central problem in dynamic and scalable application scenarios, including the Internet of Things and smart cities. Key‐aggregate cryptosystem (KAC) is an efficient mechanism to delegate decryption rights of a subset of a large collection of data items to authorized users. While KAC provides an efficient solution to the problem of secure data sharing, we identify that using it to enforce continuously changing access policies is highly inefficient. In this article, we propose a novel dynamic KAC that, in addition to satisfying all key‐aggregate efficiency requirements, enforces dynamic updates to the aggregate sets with constant computation and constant communication cost. We propose a concrete construction for our dynamic KAC, prove its soundness and formal security, and analyze its theoretical and practical performance. We implement the procedures of a dynamic hierarchical key assignment scheme using the proposed as well as the existing dynamic KACs. We compare the costs of enforcing dynamic updates in large hierarchies. We conclude that the performance enhancement achieved by the proposed dynamic KAC compared to the existing KACs is even more significant in practical access control scenarios.

show abstract

A secure effective key management scheme for dynamic access control in a large leaf class hierarchy

Cited by 49 publications

References 19 publications

A Secure and Efficient User Anonymity-Preserving Three-Factor Authentication Protocol for Large-Scale Distributed Wireless Sensor Networks

A Secure and Efficient User Anonymity-Preserving Three-Factor Authentication Protocol for Large-Scale Distributed Wireless Sensor Networks

DMAMA: Dynamic Migration Access Control Mechanism for Mobile Agents in Distributed Networks

Efficient dynamic key‐aggregate cryptosystem for secure and flexible data sharing

Contact Info

Product

Resources

About