Paper 2020/612

Key Assignment Schemes with Authenticated Encryption, revisited

Jeroen Pijnenburg and Bertram Poettering

Abstract

A popular cryptographic option to implement Hierarchical Access Control in organizations is to combine a key assignment scheme with a symmetric encryption scheme. In brief, key assignment associates with each object in the hierarchy a unique symmetric key, and provides all higher-ranked authorized subjects with a method to recover it. This setup allows for encrypting the payloads associated with the objects so that they can be accessed by the authorized and remain inaccessible for the unauthorized. Both key assignment and symmetric encryption have been researched for roughly four decades now, and a plethora of efficient constructions have been the result. Surprisingly, a treatment of the joint primitive (key assignment combined with encryption, as used in practice) in the framework of provable security was conducted only very recently, leading to a publication in ToSC 2018(4). We first carefully revisit this publication. We then argue that there are actually two standard use cases for the combined primitive, which also require individual treatment. We correspondingly propose a fresh set of security models and provably secure constructions for each of them. Perhaps surprisingly, the two constructions call for different symmetric encryption primitives: While standard AEAD is the right tool for the one, we identify a less common tool called Encryptment as best fitting the other.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A minor revision of an IACR publication in FSE 2021
Keywords
Cryptographic Access ControlAEADEncryptmentProvable Security
Contact author(s)
poe @ zurich ibm com
History
2020-05-28: revised
2020-05-25: received
See all versions
Short URL
https://ia.cr/2020/612
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/612,
      author = {Jeroen Pijnenburg and Bertram Poettering},
      title = {Key Assignment Schemes with Authenticated Encryption, revisited},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/612},
      year = {2020},
      url = {https://eprint.iacr.org/2020/612}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.