Secure and efficient time-bound key assignment scheme for access control in hierarchical structure

Cryptographic key assignment schemes in the partially ordered hierarchy allow a higher security class to derive the cryptographic key of a lower security class for key management, supervising, and etc. A "time- bound" cryptographic key assignment scheme can allow each security class to own distinct secret keys for different time periods and the higher security class to perform key derivation only within the predetermined valid time period(s). Several previously proposed time-bound hierarchical key assignment schemes have been shown to be insecure against some potential collusive attacks. This paper will propose a new and secure time-bound key assignment scheme for access control in hierarchical structure. Advantages of the proposed scheme are given below. (i) The proposed scheme is flexible and practical since each security class can be given some discrete time periods for key derivation instead of a continuous one. (ii) We propose practical and efficient solutions to dynamic key management problems, including adding/deleting a security class and changing a derivation key without regenerating or updating all cryptographic keys owned by the classes. (iii) It can achieve confidentiality of encryption/derivation keys, forward secrecy, backward secrecy, access control, and time-bound security. (iv) Performance of the proposed scheme is more efficient than that of previously proposed schemes in terms of the computational complexities, the storage, and the key management efforts.