Paper 2013/132
Yet Another Attack On the Chinese Remainder Theorem Based Hierarchical Access Control Scheme
Niu Liu, Shaohua Tang, and Lingling Xu
Abstract
The hierarchical access control scheme based on Chinese Reminder Theorem [49] (CRTHACS) was supposed to be capable of hiding hierarchical structure, but Geiselmann et al. [18] showed practical attacks on CRTHACS to reveal the hierarchies it hides. Then, Zou et al. modified it, and gave a new CRTHACS [50] to resist those attacks. Nevertheless, we find that the modified version is still defective if it permits changes of structure, i.e. the scheme works in a dynamic scenario. In this paper, we describe our attack on the modified version of CRTHACS. We extend the description of the CRTHACS in a more proper form making it easier for us to look into the problem it has. We find the key character of the vulnerability which we name as double-invariance. We generalize our attack in an algebraic form and apply it to a series of hierarchical cryptographic access control schemes that share the same vulnerability with CRTHACS. We also give the countermeasure to fix this vulnerability.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Unknown status
- Keywords
- communication securityCRTHACSChinese remainder theoremhierarchical access controlsecure group communication
- Contact author(s)
- niuliu83 @ gmail com
- History
- 2014-05-21: revised
- 2013-03-07: received
- See all versions
- Short URL
- https://ia.cr/2013/132
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2013/132,
author = {Niu Liu and Shaohua Tang and Lingling Xu},
title = {Yet Another Attack On the Chinese Remainder Theorem Based Hierarchical Access Control Scheme},
howpublished = {Cryptology {ePrint} Archive, Paper 2013/132},
year = {2013},
url = {https://eprint.iacr.org/2013/132}
}
