《single》.pdf

SECURITY AND COMMUNICATION NETWORKS Security Comm. Networks 2012; 00:1– 14 DOI: 10.1002/sec RESEARCH ARTICLE Yet Another Attack on the Chinese Remainder Theorem Based Hierarchical Access Control Scheme 1 1∗ 1 Niu Liu , Shaohua Tang , Lingling Xu School of Computer Science Engineering, South China University of Technology, Guangzhou, China ABSTRACT The hierarchical access control scheme based on Chinese Reminder Theorem(CRTHACS) was supposed to be capable of hiding the hierarchical structure of a group, but Geiselmann et al. showed practical attacks on CRTHACS to reveal the hierarchies it hides. Then, Zou et al. modified it, and gave a new CRTHACS to resist those attacks. Nevertheless, we find that the modified version is still defective if it permits changes of structure, i.e. the scheme works in a dynamic scenario. In this paper, we describe our attack on the modified version of CRTHACS. We extend the description of the CRTHACS in a more proper form to make it easier for us to look into the problem it has. We find the key character of the vulnerability which we name as double-invariance. We generalize our attack in an algebraic form and apply it to a series of hierarchical cryptographic access control schemes that share the same vulnerability with CRTHACS. We also give the countermeasure c to fix this vulnerability. Copyright ⃝ 2012 John Wiley Sons, Ltd. KEYWORDS communication security; CRTHACS; Chinese remainder theorem; hierarchical access control; secure group communication; formal security ∗Correspondence School of Computer Science Engineering, Guangzhou Higher Education Mega Centre, Panyu District