Paper 2006/479

Efficient Provably-Secure Hierarchical Key Assignment Schemes

Alfredo De Santis, Anna Lisa Ferrara, and Barbara Masucci


A hierarchical key assignment scheme is a method to assign some private information and encryption keys to a set of classes in a partially ordered hierarchy, in such a way that the private information of a higher class can be used to derive the keys of all classes lower down in the hierarchy. In this paper we design and analyze hierarchical key assignment schemes which are provably-secure and support dynamic updates to the hierarchy with local changes to the public information and without requiring any private information to be re-distributed. We first consider the problem of constructing a hierarchical key assignment scheme by using as a building block a symmetric encryption scheme. We propose a new construction which is provably secure with respect to key indistinguishability, requires a single computational assumption, and improves on previous proposals. Then, we show how to reduce key derivation time at the expense of an increment of the amount of public information, by improving a previous result. Finally, we show how to construct a hierarchical key assignment scheme by using as a building block a public-key broadcast encryption scheme. In particular, one of our constructions provides constant private information and public information linear in the number of classes in the hierarchy.

Available format(s)
Publication info
Published elsewhere. Unknown where it was published
Access controlkey assignmentprovable securityefficient key derivation.
Contact author(s)
masucci @ dia unisa it
2007-01-03: revised
2006-12-24: received
See all versions
Short URL
Creative Commons Attribution


      author = {Alfredo De Santis and Anna Lisa Ferrara and Barbara Masucci},
      title = {Efficient Provably-Secure Hierarchical Key Assignment Schemes},
      howpublished = {Cryptology ePrint Archive, Paper 2006/479},
      year = {2006},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.