A Hierarchical Key Assignment Scheme Based on Diffie-Hellman Algorithm

YAN Jun-zhi; LI Feng-hua; MA Jian-feng

您当前的位置：

首页 >

文章列表页 >

A Hierarchical Key Assignment Scheme Based on Diffie-Hellman Algorithm

更新时间：2025-07-16

- A Hierarchical Key Assignment Scheme Based on Diffie-Hellman Algorithm
- Acta Electronica Sinica Vol. 39, Issue 1, Pages: 119-123(2011)
- 作者机构：
  
  1. 西安电子科技大学计算机网络与信息安全教育部重点实验室,陕西,西安,710071
  2. 北京电子科技学院研究生处,北京,100070
  3. 西安电子科技大学计算机网络与信息安全教育部重点实验室陕西西安,710071
  4. 北京电子科技学院研究生处北京,100070
- 作者简介：
- 基金信息：
- DOI：
  CLC： TP39
- Published：2011
- 稿件说明：
移动端阅览
YAN Jun-zhi, LI Feng-hua, MA Jian-feng. A Hierarchical Key Assignment Scheme Based on Diffie-Hellman Algorithm[J]. Acta Electronica Sinica, 2011, 39(1): 119-123.
DOI：

YAN Jun-zhi, LI Feng-hua, MA Jian-feng. A Hierarchical Key Assignment Scheme Based on Diffie-Hellman Algorithm[J]. Acta Electronica Sinica, 2011, 39(1): 119-123. DOI：

摘要

在基于内容的访问控制系统中

主体对客体只有允许访问和拒绝访问两种权限

且主体之间和客体之间都存在一种偏序关系

传统的访问控制策略需要对主客体单独进行管理

效率较低.本文利用其中的偏序关系设计一种分层密钥分配方案

使分配的密钥既能实现保密通信又能达到实施访问控制的目的

提高系统效率.该方案利用客体之间的偏序关系使所有客体形成一个有向无环图

以多方Diffie-Hellman算法为基础为图中每个节点分配密钥

使得每个节点都可以通过自己的密钥计算出其子节点的密钥

每个节点的密钥用于加密对应于该节点的资源

从而通过对密钥的分配实现对访问权限的管理.该方案分为系统建立、密钥更新、节点加入和节点删除等部分

其安全性基于DDH假设

支持成员以及分层拓扑结构的动态变化

可用于解决基于内容的分层访问控制问题.

Abstract

In content-based access control systems

the subject is only allowed or denied to access the object.There are partial orders between different subjects and objects.The traditional access control policy manages these subjects and objects independently

and does not consider the partial orders which may improve the efficiency.By considering the partial orders

a hierarchical key assignment scheme is proposed in this paper

so as to make the assignment of keys to achieve secure communication and access control

improving the efficiency.The objects can be formed into a Directed Acyclic Graph (DAG) using the partial orders between these objects.Then

assign each vertex in the DAG an encryption key based on Diffie-Hellman algorithm

while each vertex may derive the encryption keys of its child vertices by the encryption key of itself.These assigned keys are used to encrypt the resources of the vertices.Thus

the access control of the resources can be achieved by the assignment of the encryption keys.The proposed scheme consists of the phases of system initialization and key updating

and supports user dynamics and topology changes.The security is based on DDH assumptions.It can be used for content-based hierarchical access control.

关键词

Keywords

references

Views

1795

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Leveled Group Key Management for Wireless Sensor Networks ( 1.Key Laboratory of Computer Networks and Information Security ,Xidian University,Xi'an,Shaanxi 710071,China; 2.Graduate School,Beijing Electronic Science and Technology Institute,Beijing 100070,China; 3.No.36 Research Institute of CETC ,Jiaxing,Zhejiang 314033,China)

Related Author

阎军智

李凤华

马建峰

LI Feng-hua

WANG Wei

MA Jian-feng

Related Institution

西安电子科技大学计算机网络与信息安全教育部重点实验室

北京电子科技学院研究生处

中国电子科技集团公司第三十六研究所

西安电子科技大学计算机网络与信息安全教育部重点实验室陕西西安

北京电子科技学院研究生处北京

⁰