1. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 5, NO. 2, APRIL-JUNE 2008 65
An Efficient Time-Bound Hierarchical Key
Management Scheme for Secure Broadcasting
Elisa Bertino, Fellow, IEEE, Ning Shang, and Samuel S. Wagstaff Jr.
Abstract—In electronic subscription and pay TV systems, data can be organized and encrypted using symmetric key algorithms
according to predefined time periods and user privileges and then broadcast to users. This requires an efficient way of managing the
encryption keys. In this scenario, time-bound key management schemes for a hierarchy were proposed by Tzeng and Chien in 2002
and 2005, respectively. Both schemes are insecure against collusion attacks. In this paper, we propose a new key assignment scheme
for access control, which is both efficient and secure. Elliptic-curve cryptography is deployed in this scheme. We also provide the
analysis of the scheme with respect to security and efficiency issues.
Index Terms—Secure broadcasting, time-bound hierarchical key management, elliptic curves, elliptic-curve discrete logarithm
problem (ECDLP).
Ç
1 INTRODUCTION
was proposed by Chien [5] in 2004. This scheme greatly
I N a Web-based environment, the data to be securely
broadcast, for example, electronic newspapers or other
types of content, can be organized as a hierarchical tree
reduces computational load and implementation cost.
However, it has a security hole against Yi’s three-party
and encrypted by distinct cryptographic keys according to collusion attack [12]. Inspired by Chien’s idea, we propose in
access control policies. We need a key management this paper a new method for access control using elliptic-
scheme so that a higher class can retrieve data content curve cryptography. This scheme is efficient and secure
that a lower class is authorized to access, but not vice against Yi’s three-party collusion attacks.
versa. In many applications (for example, electronic Although there have been attacks on smart cards [2] and
newspaper/journal subscription and pay TV broadcast- some other tamper-resistant devices, such attacks require
ing), there is a time bound associated with each access special equipment, which would cost more than a subscrip-
control policy so that a user is assigned to a certain class tion. The only really valuable data on the smart cards that
for just a period of time. The user’s keys need to be our scheme uses is the master key. It must be kept secret,
updated periodically to ensure that the delivery of the because an attacker who obtained it could derive all the
information follows the access control policies of the data
keys for the data that one could get with this smart card.
source. An ideal time-bound hierarchical key management
Assuming that the master key can be protected, there is a
scheme should be able to perform the above task in an
good reason to believe that our scheme, which uses tamper-
efficient fashion and minimize the storage and commu-
nication of keys. In 2002, Tzeng attempted to solve this resistant devices, can have practical important applications
problem [11]. Tzeng’s scheme is efficient in terms of its in areas such as digital rights management.
space requirement but is computationally inefficient, since Our original motivation for this paper was to provide a
a Lucas function operation is used to construct the better key management scheme for [4], in which data is
scheme, and this incurs heavy computational load. More- encoded in XML and need to be securely broadcast, but a
over, it is insecure against collusion attacks, as shown by solution to the key management scheme fails in terms of
Yi and Ye [13]. efficiency and security.
Another time-bound hierarchical key assignment scheme The rest of this paper is organized as follows: Section 2
based on a tamper-resistant device and a secure hash function presents the notation and definitions needed to give a
hierarchical structure to the data source. Section 3 proposes
the new time-bound key management scheme applied to a
. E. Bertino and S.S. Wagstaff Jr. are with the Center for Education and
hierarchy. Section 4 contains further discussion of the key
Research in Information Assurance and Security (CERIAS) and also with
the Department of Computer Sciences, Purdue University, West Lafayette, management scheme. Section 5 summarizes our results.
IN 47907-2107. E-mail: bertino@cs.purdue.edu, ssw@cerias.purdue.edu.
. N. Shang is with the Department of Electrical and Computer Engineering,
with the Center for Education and Research in Information Assurance and 2 DEFINITIONS AND NOTATION
Security (CERIAS), and with the Department of Mathematics, Purdue
University, West Lafayette, IN 47907-2067. Let S be the data source to be broadcast. We assume that S
E-mail: nshang@math.purdue.edu. is partitioned into blocks of data called nodes.
Manuscript received 27 Feb. 2006; revised 9 Apr. 2007; accepted 29 Oct. 2007; The policy base PB is the set of access control policies
published online 6 Nov. 2007. defined for S. In our setting, each access control policy
For information on obtaining reprints of this article, please send e-mail to:
tdsc@computer.org, and reference IEEECS Log Number TDSC-0030-0206. acp 2 PB contains a temporal interval I among its compo-
Digital Object Identifier no. 10.1109/TDSC.2007.70241. nents, which specifies the time period in which the
1545-5971/08/$25.00 ß 2008 IEEE Published by the IEEE Computer Society

2. 66 IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 5, NO. 2, APRIL-JUNE 2008
access control policy is valid. A sample access control policy 3 KEY MANAGEMENT SCHEME
for XML documents might look like
3.1 Initialization
Suppose that we have already generated the set C of classes
acp ¼ ðI; P; sbj-spec; prot-obj-spec; priv; prop-optÞ; of nodes of the data source S marked with the policy
configurations P ci in PB. Such a set is partially ordered
where I, P, sbj-spec, prot-obj-spec, priv, and prop-opt are the with respect to " . Let n be the cardinality of C.
temporal interval, periodic expression, credential specifica- In this step, the system parameters are initialized, and
tion, protection object specification, privilege, and propaga- the system’s class keys Ki are generated:
tion option of acp, respectively. Interested readers may
refer to [3] and [4] for details. 1. The vendor chooses an elliptic curve E over a finite
It is important to notice that several policies may apply field IFq so that the discrete logarithm problem (DLP)
to each node in S. In what follows, we refer to the set of is hard on EðIFq Þ.1 The vendor also chooses a point
Q 2 EðIFq Þ with a large prime order, say, p. The
policies applying to a node in S as the policy configuration
vendor then chooses 2n integers ni and gi such that
associated with the node. In addition, in what follows,
ni gi are all different modulo p for 1 i n. The
PCPB denotes the set of all possible policy configurations
vendor computes Pi ¼ ni Q on EðIFq Þ and hi such that
that can be generated by policies in PB.
gi hi 1 ðmod pÞ. The class key Ki ¼ gi Pi is computed
We now introduce the notion of a class of nodes, a
for class Ci . The points Ri;j ¼ gi Kj þ ðÀKi Þ are also
relevant notion in our approach. Intuitively, a class of nodes
computed whenever Cj 0 Ci (not just when Cj 0d Ci ).
corresponds to a given policy configuration and identifies
2. The vendor chooses two random integers a and b
all nodes to which such configuration applies. Intuitively, a
and a keyed hash message authentication code
class of nodes includes the set of nodes to which the same
(HMAC) [6] HK ðÀÞ built with a hash function HðÀÞ
set of access control policies apply.
and a fixed secret key K. K serves as the system’s
Definition 1 (class of nodes). Let P ci be a policy configuration master key and is only known to the vendor.
belonging to PCPB . The class of nodes marked with P ci , 3. The vendor publishes Ri;j on an authenticated board,
denoted by Ci , is the set of nodes belonging to the data source whereas the integers gi , hi , a, and b are kept secret.
S marked by all and only the policies in P ci . Note that the Parties can verify the validity of the Ri;j obtained
empty set could be a class of nodes marked with a certain policy from the board. This can be realized by using digital
configuration. We denote by C the set of all classes of nodes signatures.
defined over S marked with the policy configurations in PCPB . The public values Ri;j are constructed in such a way that
We also have the requirement that we distinguish and include the owner of the key Kj of the lower class Cj cannot obtain
in C the empty sets marked by policy configurations consisting any information about the class key Ki of the higher class Ci
of only one access control policy and exclude from C the empty without knowing the secret value gi , and the owner of the
sets marked by any other policy configurations. Note that C higher class key Ki cannot compute Kj on its own due to
corresponds to a subset of PCPB . the difficulty of solving the DLP. It turns out that such a
construction is secure against the attack [12], which breaks
We distinguish and include the empty sets correspond- Chien’s earlier scheme [5]. We will discuss this in
ing to different singleton policy configurations so that keys Section 4.3.3.
can be assigned to these classes, which enable users 3.2 Encrypting Key Generation
belonging to these classes to derive the required decryption
In this step, we generate the temporal encryption class keys
keys of lower classes. This key derivation process will be
Ki;t at time granule t by using the system’s class keys Ki .
described in Section 3. The class of nodes Ci 2 C is encrypted by a symmetric
The idea for the secure broadcasting mode of the data encryption algorithm, for example, AES [1]. We denote by
source is this that the portions of the source marked by Ki;t the secret key for Ci at time granule t 2 ½Tb ; Te Š ¼ ½1; ZŠ.
different classes of nodes are encrypted by different secret The generation process for Ki;t is given as follows:
keys and are broadcast periodically to the subscribers.
À Á
Subscribers receive only the keys for the document sources Ki;t ¼ HK ðKi ÞY È H t ðaÞ È H ZÀt ðbÞ È IDi ;
that they can access according to the policies.
The following definition introduces a partial-order where ðKi ÞY is the y-coordinate of Ki , H m ðxÞ is the m-fold
relation defined over C. iteration of HðÀÞ applied to x, IDi is the identity of Ci ,
and È is the bitwise XOR. Note that we can choose HðÀÞ
Definition 2 (partial-order relation on C). Let Ci and Cj be properly in the initialization process so that the output of
two classes of nodes marked by P ci and P cj , respectively, HK is the right length for a key for the symmetric
where P ci and P cj are policy configurations in PCPB . We say encryption algorithm that we use.
that Ci dominates Cj , written Cj Ci , if and only if The one-way property of the hash function H ensures
P ci P cj . We also write Cj 0 Ci if Cj Ci but Cj 6¼ Ci . We that H t ðaÞ and H ZÀt ðbÞ can be calculated only when the
also say that Ci directly dominates Cj , written Cj 0d Ci , if and values H t1 ðaÞ and H ZÀt2 ðbÞ are available for some t1 and t2 ,
only if Ci 6¼ Cj and Cj CÃ Ci implies CÃ ¼ Ci or CÃ ¼ Cj . with t1 t t2 . This is the idea for the construction of the
We call “Cj 0d Ci ” a directed edge. We say that Ci dominates “time bound” of the key management scheme.
Cj via n directed edges if there exists fCik g1 k nÀ1 C such
that Cj 0d Ci1 , CinÀ1 0d Cj and CikÀ1 0d Cik for 2 k n À 1. 1. For more background on elliptic-curve cryptography, see [14].

3. BERTINO ET AL.: AN EFFICIENT TIME-BOUND HIERARCHICAL KEY MANAGEMENT SCHEME FOR SECURE BROADCASTING 67
3.3 User Subscription [1, 70]. Let U be a user wishing to subscribe the sports portion
This is the user subscription phase, in which a tamper- of the newspaper for 1 week, say, the period I ¼ ½8; 14Š. We
resistant device storing important information is issued to could match U with an access control policy acp1 ¼ ð½8; 14Š,
the subscriber. All days, Subscriber/type = “full”, Sports_supplement, view,
Upon receiving a subscription request, an appropriate CASCADE). Then, we can find the class of nodes C1 marked
access control policy acpi is searched until there is a match, with policy configuration acp1 from a pregenerated table.
then the policy configuration in PB, which contains only These nodes are encrypted and broadcast periodically. U can
acpi , is found, and thus, the corresponding class of nodes derive the decryption key for the subscription period using
marked with it, say, Ci , is identified. Note that Ci , which the issued class key K1 and the tamper-resistant device
storing HK , E, IFq , ID1 , h1 , and H 8 ðaÞ, H 56 ðbÞ ¼ H 70À14 ðbÞ.
could be an empty set, is always in C by the construction in
For example, U inputs K1 into the device. To obtain the
Definition 1. We define the encryption information EncInfi
decryption key K1;10 at time granule t ¼ 10, the device
as follows:
computes
À Á
EncInfi ¼ f H t1 ðaÞ; H ZÀt2 ðbÞ g; À Á À Á
H 10 ðaÞ ¼ H 2 H 8 ðaÞ ; H 60 ðbÞ ¼ H 4 H 56 ðbÞ :
where the set on the right side is defined for all acceptable
Then, K1;10 ¼ HK ððK1 ÞY È H 10 ðaÞ È H 60 ðbÞ È ID1 Þ, the very
time intervals ½t1 ; t2 Š for acpi . thing needed. To obtain the decryption key at t ¼ 13 for a
The vendor distributes the class key Ki to the subscriber class C2 C1 , U inputs K1 , ID2 , and R1;2 into the device. The
through a secure channel. The vendor also issues the device first computes the class key of C2 :
subscriber a tamper-resistant device storing HK (thus
H and K), E, IFq , IDi , hi , and EncInfi . There is also a K2 ¼ h1 Á ðR1;2 þ K1 Þ:
secure clock embedded in the device, which keeps track of
Then, it computes
the current time. The device is tamper resistant in the sense
À Á À Á
that no one can recover K, hi , and EncInfi , change the H 13 ðaÞ ¼ H 5 H 8 ðaÞ ; H 57 ðbÞ ¼ H H 56 ðbÞ ;
values of IDi , or change the time of the clock.
and K2;13 ¼ HK ððK2 ÞY È H 13 ðaÞ È H 57 ðbÞ È ID2 Þ, the de-
3.4 Decrypting Key Derivation cryption key needed.
In this step, the temporal keys for a class and the classes Note that all computations are executed by the tamper-
below it are reconstructed by the tamper-resistant device. resistant device. The device can prevent the results of the
Assume that the subscription process mentioned above computations from being revealed so that even the user U
is completed for a subscriber U associated with class Ci . does not know the class key K2 of the class of nodes C2 0 C1 .
U can then use the information received from the vendor This makes the system secure.
to decrypt the data in class Cj , with Cj Ci , as follows:
1. If Cj ¼ Ci , U inputs only Ki into the tamper-resistant 4 FURTHER DISCUSSION
device. Otherwise, if Cj 0 Ci , U first retrieves Ri;j We have proposed a key assignment scheme for secure
from the authenticated public board and then inputs broadcasting based on a tamper-resistant device. A secure
it together with the class identity IDj of Cj and its hash function and the intractability of the DLP on elliptic
secret class key Ki . curves over the finite field IFq are also assumed.
2. If Kj is the only input, the next step is executed
directly. Otherwise, the tamper-resistant device 4.1 Tamper-Resistant Devices
computes the secret class key of Cj : The tamper-resistant device plays an important role in our
scheme. The system’s master key K must be protected by
Kj ¼ hi Á ðRi;j þ Ki Þ: the device. A leak of EncInfi will not help the attackers
much, because they are not able to compute the HMAC,
3. If t 2 ½t1 ; t2 Š for some acceptable time interval ½t1 ; t2 Š thus the temporal class keys, without knowing K. A leak
of acpi , the tamper-resistant device computes of hi will enable the user of class Ci to obtain the class key
À Á À Á Kj of Cj , where Cj Ci , by computing
H t ðaÞ ¼ H tÀt1 H t1 ðaÞ ; H ZÀt ðbÞ ¼ H t2 Àt H ZÀt2 ðbÞ ;
Kj ¼ hi Á ðRi;j þ Ki Þ;
a n d Kj;t ¼ HK ððKj ÞY È H t ðaÞ È H ZÀt ðbÞ È IDj Þ.
Note that the values H t1 ðaÞ and H ZÀt2 ðbÞ are as done by the device. However, this does not help the user
precomputed and stored in the tamper-resistant decrypt any information belonging to a class not lower than
device. Ci . Unless K is discovered, the attacks to retrieve
4. At time granule t, the protected data belonging to EncInfi and hi on individual devices are not effective.
class Cj can be decrypted by applying the key Kj;t . With the use of a tamper-resistant device, the security of the
scheme is strong enough. Attacks on tamper-resistant
3.5 An Example devices need special equipment. It is cheaper to buy a
We now provide an example to illustrate the above process. subscription than the special equipment. As such, the
Consider an electronic newspaper system. Let 1 day be attacker does not have economic incentives to mount such
a tick of time in this system and Z ¼ 70 be the lifetime of an attack, unless he could capture the master key K. An
the system; that is, the system exists in the temporal interval attacker who could find all the information on several

4. 68 IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 5, NO. 2, APRIL-JUNE 2008
tamper-resistant devices could execute a collusion attack to 4.3.2 Collusion Attack
compute extra temporal decryption keys. Second, any collusion attack with more than one input to the
As pointed out above, the only information that needs to device does not work either. Since the encryption information
be kept secret by the tamper-resistant device is the system’s EncInfi for a device with identity IDi is not likely to be
master key K. The Trusted Platform Module (TPM) modified because of the tamper resistance of the device,
technology [10], which is good for storing and using any attempt to derive temporal decrypting keys for a
secret keys, can well suit our need. We are aware that there
class Cm that is not lower than Ci inevitably involves the
are attacks on TPMs [9]. There are countermeasures against
computation of the class key Km . According to step 2 of the
those attacks [9]. Moreover, none of these attacks is capable
Decrypting Key Derivation process, gi Km must be compu-
of extracting the exact secret information being protected
table by the device with a suitable choice of the input
(in our case, the system key K). Hence, the attackers are
parameters. However, we do not see any way of accomplish-
not able to perform the HMAC operations. Therefore,
ing this computation without solving the DLP on EðIFq Þ.
an attack relying on the knowledge of K is not feasible in
practice. We believe that the use of the tamper-resistant 4.3.3 X. Yi’s Attack
hardware is practical and secure in reality.
As a particular case of the collusion attack just described,
One might argue that if we need such a strong tamper-
Yi’s attack [12] against Chien’s scheme [5] cannot be replayed
resistant device, then we might as well store the needed
temporal decryption keys on it directly and discard the key here to break our scheme. We will demonstrate this case to
management scheme. However, that approach is not give an impression of how the asymmetry introduced by
practical, because the number of needed keys can be large, elliptic-curve cryptography helps strengthen the scheme.
considering the temporal intervals and hierarchy. In that Yi’s attack cannot apply directly to our scheme due to
case, the system’s class keys cannot be easily updated. Our our different construction. An analog of it would work as
proposed scheme is elegant and more efficient in terms of follows: Two users collude to derive certain information Inf
storage on the tamper-resistant devices. and pass it to a third user U so that U can input Inf together
with his/her secret key to the tamper-resistant device to
4.2 Hash Functions and Elliptic-Curve Discrete derive the decryption keys of a class not lower than U’s.
Logarithm Problem Suppose that U belongs to class Cj and U wants to derive
Some of the most widely used hash functions, for example, decryption keys Ki;t of Ci , which is not lower than Cj . Then,
SHA-0, MD4, Haval-128, RipeMD-128, and MD5, were Ki needs to be computed by the device. Thus, the
broken years ago, whereas SHA-1 was announced broken information to be passed to U should be Inf ¼ gj Ki þ
early in 2005. Essentially, these hash functions have been ðÀKj Þ so that when U inputs Inf, IDi , and Kj , the tamper-
proven not to be collision free, but it is still hard to find a resistant device will compute
preimage to a given digest in a reasonable time. In view of
this, these attacks on hash functions will not affect the hj Á ðInf þ Kj Þ ¼ hj Á ðgj Ki þ Kj À Kj Þ ¼ Ki :
security of our scheme, as long as the DLP on the elliptic In order to obtain Inf, someone must be able to compute
curves is still hard. So far, there is no foreseeable break-
gj Ki . Given that class Ci is not lower than Cj , gj Ki is not a
through in solving DLP on elliptic curves.
summand of any of the published values on the authenti-
Without having to keep Q 2 EðIFq Þ secret, no one,
cated board, and thus, it cannot be produced via collusion,
including the user Ui , can recover the secret values gi
considering the fact that the ECDLP is hard.
and hi of the system due to the difficulty of the elliptic-
Therefore, Yi’s attack cannot be modified to attack our
curve DLP (ECDLP). Therefore, the system is secure.
scheme.
4.3 Security against Possible Attacks
4.4 Yet Another Good Feature
Note that the tamper-resistant device in our scheme is an
An important advantage of our scheme is that the vendor
oracle that does calculation in the Decrypting Key Derivation
can change the class keys of the system at anytime without
process. This raises the question of whether such a device having to reissue new devices to the users, whereas only the
can be attacked by an adversary to gain secret information user’s class keys and the public information Ri;j need to be
to subvert this process. This concern is necessary, since updated. However, when an individual user wants to
Chien’s scheme has been successfully attacked (see [12]) due change the subscription, a new device needs to be issued.
to the weakness of the oracle. We face a similar situation here. This also needs to be done when a different class is desired.
4.3.1 Attack from the Outside 4.5 Space and Time Complexity
First, any attack against our scheme with only one input to Our scheme publishes one value Ri;j for each partial-order
the device will not work. Any attempt to gain the temporal relation Cj 0 Ci . The total number of public values is at most
nðnÀ1Þ
decrypting key with only one input KÃ to the device with 2 , where n is the number of classes in C. On the user
identity IDi will not succeed, unless the input is the side, the tamper-resistant device stores only HK , E, IFq , IDi ,
right class key Ki bound to the same device. This can hi , and EncInfi .
easily be seen, since in this case, the device will compute
À Á At any time granule t, the tamper-resistant device needs
HK ðKÃ ÞY È H t ðaÞ È H ZÀt ðbÞ È IDi at time granule t (we to perform ðt À t1 Þ þ ðt2 À tÞ þ 2 ¼ t2 À t1 þ 2 Z hash
may assume that t is valid; that is, it is in the subscription iterations. Note that there are two hash iterations per
period). This value is meaningless, unless KÃ ¼ Ki . HMAC operation [6]. In a system of a life period of 5 years,

5. BERTINO ET AL.: AN EFFICIENT TIME-BOUND HIERARCHICAL KEY MANAGEMENT SCHEME FOR SECURE BROADCASTING 69
TABLE 1
A Comparison of the Three Schemes
Suppose that Cj Ci , t 2 ½t1 ; t2 Š.
Notation:
n: number of classes jCj.
r: number of child classes Ci on path from Ci to Cj .
Th : hashing operation.
Te : modular exponentiation.
TL : Lucas function operation.
TE : elliptic-curve scalar multiplication.
which updates user keys every hour, Z is approximately 5 CONCLUSIONS
43,800. We did an experiment using SHA-1 as the hash In this paper, we have proposed an efficient time-bound
function on a Gateway MX3215 laptop computer that has a hierarchical key management scheme based on the use of
1.40 GHz Intel(R) Celeron(R) M processor and 256 Mbytes elliptic-curve cryptography for secure broadcasting of data.
of memory and runs Ubuntu 6.10 Edgy Eft. The code is The number of encryption keys to be managed depends
written in C and built with GNU C compiler version 4.1.2. only on the number of access control policies. A tamper-
The result showed that 43,800 hash iterations took resistant device plays an important role in our scheme.
0.0800 second of processing time. In practice, t2 À t1 is usually The obvious solution of storing all needed decryption keys
much smaller than Z, and the hash computation is really fast. in a tamper-resistant device is not practical, because the
The bulk of the computation performed by the tamper- number of keys needed can be large. In addition, with such
a solution, when the system’s class keys need to be updated,
resistant device is the calculation of Kj ¼ hi ðRi;j þ Ki Þ in
all devices containing these keys must be discarded, and
step 2 of the Decrypting Key Derivation phase. A rough
new devices need to be issued. Our approach to key
estimate [7] shows that a 160-bit prime p (the order of Q on management avoids these disadvantages.
EðIFq Þ) should give us enough security (against the best In the future, we hope to analyze our system from the
ECDLP attack) in this situation. In this case, to derive the point of view of provable security. This would require a
class key Kj of class Ci 0 Ci from Ki , the device needs to more formal description of our system than what we have
perform at most 160 elliptic-curve doublings and 81 elliptic- given here. We also plan to implement our scheme and do
curve additions when the method based on repeated experiments on smart cards.
doubling and adding is used. This amounts to 241 elliptic
additions. Ignoring the negligible field addition in IFq , each APPENDIX
elliptic-curve addition requires one field inversion and COMPARISON OF THREE SCHEMES
two field multiplications. If we choose q to be a 160-bit We compare the three time-bound hierarchical key manage-
number and regard the time to perform a field inversion as ment schemes in Table 1.
that of three field multiplications, the class key derivation
process needs roughly 241 Â 5 Â 1602 % 225 bit operations. ACKNOWLEDGMENTS
Even a smart card can do this in a few seconds [8]. Our
The authors would like to thank the anonymous reviewers
scheme is, in fact, slower than Chien’s scheme, in which
for their helpful comments, Abhilasha Bhargav-Spantzel
only hash computations are widely used. However, it is still for the suggestions about the TPM technology, and the
very efficient from the point of view of application and Center for Education and Research in Information
provides enhanced security. Assurance and Security, Purdue University for support.
We include in the Appendix a table comparing the three The work reported in this paper was partially supported by
time-bound hierarchical key management schemes. the US National Science Foundation under Grant 0430274.

6. 70 IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, VOL. 5, NO. 2, APRIL-JUNE 2008
REFERENCES Ning Shang is currently working toward the PhD
degree in the Department of Mathematics, the
[1] Advanced Encryption Standard, http://csrc.nist.gov/ Department of Electrical and Computer Engi-
CryptoToolkit/aes/, 2007. neering, and the Center for Education and
[2] R. Anderson and M. Kuhn, “Low-Cost Attacks on Tamper- Research in Information Assurance and Security
Resistant Devices,” Proc. Fifth Int’l Workshop Security Protocols (CERIAS), Purdue University. His research
(IWSP ’97), pp. 125-136, 1997. interests include computational number theory,
[3] E. Bertino, C. Bettini, E. Ferrari, and P. Samarati, “An Access elliptic and hyperelliptic cryptography, and im-
Control Model Supporting Periodicity Constraints and Tem- plementation of cryptographic schemes. He is a
poral Reasoning,” ACM Trans. Database Systems, vol. 23, no. 3, member of the AMS and the SIAM.
pp. 231-285, Sept. 1998.
[4] E. Bertino, B. Carminati, and E. Ferrari, “A Temporal Key Samuel S. Wagstaff Jr. received the BS degree
Management Scheme for Secure Broadcasting of XML Docu- in mathematics from Massachusetts Institute of
ments,” Proc. Ninth ACM Conf. Computer and Comm. Security Technology, Cambridge, and the PhD degree in
(CCS ’02), pp. 31-40, Nov. 2002. mathematics from Cornell University, Ithaca,
[5] H.-Y. Chien, “Efficient Time-Bound Hierarchical Key Assignment New York. He is a professor of computer science
Scheme,” IEEE Trans. Knowledge and Data Eng., vol. 16, no. 10, in the Department of Computer Sciences, Purdue
pp. 1302-1304, Oct. 2004. University, West Lafayette, Indiana. He is also
[6] FIPS Publication 198, The Keyed-Hash Message Authentication Code with the Center for Education and Research in
(HMAC), http://csrc.nist.gov/publications/fips/fips198/ Information Assurance and Security (CERIAS).
fips-198a.pdf, 2008. Before coming to Purdue, he taught at the
[7] A. Jurisic and A.J. Menezes, “Elliptic Curves and Cryptography,” University of Rochester, Rochester, New York, the University of Illinois,
Dr. Dobb’s J., pp. 23-36, Apr. 1997. Urbana, and the University of Georgia, Athens. From 1971 to 1972, he
[8] http://www.raaktechnologies.com/download/raak-c7-standard. was with the Institute for Advanced Study, Princeton, New Jersey. He is
pdf, Web article, 2007. the leader of the Cunningham Project, which factors numbers of the form
[9] E.R. Sparks, “A Security Assessment of Trusted Platform bn Æ 1. His research interests include primality testing, integer factoriza-
Modules,” computer science technical report, http:// tion, cryptography, secure patch distribution, and watermarking. He has
www.ists.dartmouth.edu/library/341.pdf, 2007. supervised five PhD theses and published five books and more than
[10] Trusted Platform Module, https://www.trustedcomputinggroup. 60 research papers. He is a coinventor (with R. Baillie) of an algorithm
org/groups/tpm/, 2007. that was published in 1980 and was selected as the ANSI Standard X9-80
[11] W.G. Tzeng, “A Time-Bound Cryptographic Key Assignment for choosing industrial-grade primes for use in cryptography. It is used
Scheme for Access Control in a Hierarchy,” IEEE Trans. worldwide as part of the secure-socket layer. He is a member of the AMS,
Knowledge and Data Eng., Proc. Sixth ACM Symp. Access Control the MAA, and the UPE.
Models and Technologies (SACMAT ’01), vol. 14, no. 1, pp. 182-
188, Jan./Feb. 2002.
[12] X. Yi, “Security of Chien’s Efficient Time-Bound Hierarchical Key
Assignment Scheme,” IEEE Trans. Knowledge and Data Eng., . For more information on this or any other computing topic,
vol. 17, no. 9, pp. 1298-1299, Sept. 2005. please visit our Digital Library at www.computer.org/publications/dlib.
[13] X. Yi and Y. Ye, “Security of Tzeng’s Time-Bound Key Assignment
Scheme for Access Control in a Hierarchy,” IEEE Trans. Knowledge
and Data Eng., vol. 15, no. 4, pp. 1054-1055, July/Aug. 2003.
[14] L.C. Washington, Elliptic Curves, Number Theory and Cryptography.
Chapman Hall/CRC, 2003.
Elisa Bertino is a professor of computer science
in the Department of Computer Sciences,
Purdue University and the Research Director
of the Center for Education and Research in
Information Assurance and Security (CERIAS).
Previously, she was a faculty member in the
Department of Computer Science and Commu-
nication, University of Milan, where she directed
the DB and SEC Laboratory. She was a visiting
researcher at the IBM Research Laboratory (now
Almaden), San Jose, at the Microelectronics and Computer Technology
Corporation, at Rutgers University, and at Telcordia Technologies. From
2001 to 2007, she was a coeditor in chief of the Very Large Database
Systems (VLDB) Journal. She serves also on the editorial boards of
several scientific journals, including the IEEE Internet Computing,
IEEE Security and Privacy, ACM Transactions on Information and
System Security, and ACM Transactions on Web. Her main research
interests include security, privacy, digital identity management systems,
database systems, distributed systems, multimedia systems. She has
published more than 250 papers in all major refereed journals and in the
proceedings of international conferences and symposia. She is a
coauthor of Object-Oriented Database Systems: Concepts and Archi-
tectures (Addison-Wesley, 1993), Indexing Techniques for Advanced
Database Systems (Kluwer Academic Publishers, 1997), Intelligent
Database Systems (Addison-Wesley, 2001), and Security for Web
Services and Service Oriented Architectures (Springer, Fall 2007). She
is a fellow of the IEEE and the ACM and a Golden Core member of the
IEEE Computer Society. She received the 2002 IEEE Computer Society
Technical Achievement Award for her “outstanding contributions to
database systems and database security and advanced data manage-
ment systems” and the 2005 IEEE Computer Society Tsutomu Kanai
Award for “pioneering and innovative research contributions to secure
distributed systems.”