Efficient Key Derivation for Access Hierarchies

Access hierarchies are useful in many applications and are modeled as a set of access classes organized by a partial order. A user who obtains access to a class in such a hierarchy is entitled to access objects stored at that class, as well as objects stored at its descendant classes. Efficient schemes for this framework assign only one key to a class and use key derivation to permit access to descendant classes. Ideally, the key derivation uses simple primitives such as cryptographic hash computations. A straightforward key derivation time is then linear in the length of the path between the user’s class and the class of the object that the user wants to access. Recently, work presented in [Atallah et al. 2005] has given a solution that significantly lowers this key derivation time for deep hierarchies, by adding a modest number of extra edges to the hierarchy. While such techniques were given for trees, this work presents efficient key derivation techniques for hierarchies that are not trees using a different mechanism. The construction we give in the present paper is recursive and makes a novel use of the notion of the dimension d of an access graph. We provide a solution through which no key derivation requires more than O(d) hash function computations, even for “unbalanced” hierarchies whose depth is linear in their number of access classes n. The significance of this result is strengthened by the fact that many access graphs have a low d value (e.g., trees correspond to the case d = 2). Our scheme inherits the desirable property of the work of [Atallah et al. 2005] that addition and deletion of edges and nodes in the access hierarchy can be “contained” in the node and do not result in modification of keys at other nodes.