An Access Control-Based Authenticated Signature using Dual Secret Key

Partha Protim Mondal#, Dipa Mondal*, Prasenjit Maiti%
# Computer Science & Engineering, Mallabhum Institute of Technology
* Computer Science & Engineering, Birbhum Institute of Technology
% Computer Science & Engineering, Mallabhum Institute of Technology
Abstract— Access control is the ability to permit or deny the use of a particular resource by a particular entity. Access control mechanisms can be used in managing physical resources (such as a movie theater, to which only ticketholders should be admitted), logical resources (a bank account, with a limited number of people authorized to make a withdrawal), or digital resources (for example, a private text document on a computer, which only certain users should be able to read) [7]. Access control of data in workflow systems has seen an increasing trend with the improvement of information technology. Authentication by username and password is only part of the story. Frequently we want to let people in based on something other than who they are, such as where they are coming from. Restricting access based on something other than the identity of the user is generally referred to as access control. Electronic key management is an area within (and possibly integrated with) an access control system which concerns managing the possession and location of small assets or physical (mechanical) keys. Both academic and industrial fields have been seriously concerned with protecting information from unauthorized users. Electronic signature implementations on workflow documents speed up transactions and guarantee a certain security level, as far as the signature scheme possesses it. Unfortunately, in practice, it is not as easy as it sounds. Authentic signatures are ones that have not been tampered with and are received exactly as issued by a node. We propose here a new hierarchical signature scheme as a solution to the signature authorization problem. The scheme is based on association of the authentic signature.

Keywords— Access Control, Authorization, Signature schemes, Key Management, Controlling Authority, Token, Hashing, Session key, Dual Secret Key.
Hierarchy originally meant "rule by priests", and it is from the organization of hierarchical churches such as the Roman Catholic and Eastern Orthodox churches that the name of this concept arises. A hierarchical structure is such that every entity in the structure, except one, is subordinate to a single other entity [7]. In many situations, hierarchical systems can be represented by a partially ordered set (poset). The access control problems in a computer communication system are generally formed as a user hierarchy. In this way, the users and their data are organized into a number of disjoint sets of security classes, and each user is assigned to a security class called the user's security clearance. Let SC1, SC2, ..., SCn be n disjoint security classes and "≤" be a binary partially ordered relationship on the set SC = {SC1, SC2, ..., SCn}. In the partially ordered set (poset), SCj ≤ SCi indicates that the users in security class SCi have a security clearance higher than or equal to those in security class SCj. In other words, the users in security class SCi are authorized to read or store the data that belongs to the users in security class SCj; in contrast, SCj cannot read or store the data that belongs to SCi. Fig.1 shows an example of the poset in a user hierarchy. The arrowhead in the figure indicates that the higher-level security class is authorized with a security clearance higher than the lower-level one. The statement SCj ≤ SCi means that SCi is the predecessor of SCj and SCj the successor of SCi. Furthermore, if there is no other security class SCk in SC such that SCj ≤ SCk ≤ SCi, then SCi is called the immediate predecessor of SCj, and SCj the immediate successor of SCi.
I. INTRODUCTION
Electronic signature applications substitute for traditional handwritten signatures to support security services and speed up the document workflow. Electronic signatures deal with documents in terms of authorization, authentication and integrity. Understanding the term "hierarchy" is a good starting point when dealing with signatures in hierarchically structured organizations. Hierarchies denote a single holder or group of power at the top and a structure made up of different levels, like a company organization chart. The higher levels have control or precedence over the lower levels. Hierarchical structures are a one-to-many relationship, each item having one or more items below it.
Fig.1. Poset in a user hierarchy

The scheme associates the new authorization/position information with an already employed one to generate a new "authorized" signature. A straightforward access control scheme for a poset hierarchy is to assign each class a key, and let a class have the keys of all its successors. The information belonging to a class is encrypted with the key assigned to that class; therefore the predecessors have access to the information of their successors. This is awkward because the classes higher in the hierarchy have to store a large number of keys. In cryptography, a key is a piece of information (a parameter) that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would have no result. In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa during decryption. Keys are also used in other cryptographic algorithms, such as digital signature schemes and message authentication codes. In any case, an authorized person could be appointed to another/upper level/class in the hierarchical organization. It is obvious that his/her previous approval rights on documents in the organization workflow will be expanded and varied. In this case, if there was a predecessor, it must be ensured that he/she cannot sign the documents in the workflow anymore. Moreover, the signature of the successor - the new authorized person - must be proclaimed to the hierarchical structure, as it is valid and verifiable on documents of this level.
Changing signature keys seems practical for the case given above. Nevertheless, this operation will trigger new key generation, insertion operations and a revocation operation on the old key. Key replacements may affect the entire large key tree in the organization and cause remarkable computation cost.

The cases mentioned must not be mixed up with the cases of proxy signatures or delegated signatures in the literature. Those schemes are based on the case that a person/an agent or a group can sign on behalf of another person. However, in the hierarchical signature problem, signing a document on behalf of another individual is not the case. The problem is the temporary or permanent assignment of a person, who also belongs to a certain level in the same hierarchy, to a specific level of authorization. There has also been considerable research on key schemes based on additional information, called "self-certified public keys" and "id-based signatures". In those structures, the key/signature carries informative, person-specific ID data such as name, surname or email address that may help to verify the person. In 2002, Paterson presented an id-based signature scheme with pairings over the ElGamal scheme; in 2003, Cha-Cheon proposed a scheme on pairings with gap Diffie-Hellman groups. Thereafter, C.-Y. Lin et al. presented a group signature scheme based on Cha-Cheon's scheme. Cha-Cheon's scheme is based on an id-based cryptosystem in which a system administrator is responsible for the setup operations. In this paper, our access control mechanism is designed to operate in an open network where establishing the identity of the client conveys no information about the likely behavior of the client and thus is irrelevant to the secure operation of the server. It is flexible enough to operate across multiple administrative domains with varying security requirements and offers a high degree of resource protection in these untrusted environments. It makes no assumptions about the security of remote elements in the system, such as the transport mechanism or file server, and only requires clients to place complete trust in their own machine. In this paper, we focus on problems of electronic signatures in hierarchical organizations as a hierarchical signature where the organizational level of the signer is important. It is the access control level in the document workflow, or an affirmation right on documents within a hierarchical order. In a digital environment, any signer could approve and sign a document with his/her secret signature key. As is traditional, we may check its corresponding public key to see whether it is a known signature in the organization.

We use the dual secret key algorithm, an authenticated signature scheme and the concept of token passing to reduce the number of keys stored and also to reduce the workload of the root central authority.

Access control is well suited to classifying and managing large quantities of data; it has therefore long been widespread in the military, government departments and private corporations. Nowadays, access control is also applied in various fields such as database management systems [8-11], computer networks and operating systems.

This paper is organized as follows. In Section 2, we describe access control. In Section 3, we describe digital signatures and hash functions. In Section 4, we focus on the previous schemes and their disadvantages. In Section 5, we state our algorithms for dynamic access control and their advantages. In Section 6, we try to implement our proposed algorithms, and in the last section we give a conclusion of the paper and future work.
II. A SURVEY ON EXISTING SCHEMES
Chen and Chung proposed an improved scheme of hierarchical access control based on the Chinese Remainder Theorem and symmetric encryption. Consider an information system in which users are organized in a hierarchical structure for access control. In such a system, there are a number of disjoint security classes and each user belongs to one of the security classes. Each security class is assigned a key, used for encryption, identification, etc. Among the security classes, there is a partial order, ≤, where SC1 ≤ SC2 represents that security class SC1 is subordinate to SC2, and thus a user in SC2 has the privilege to access information possessed by SC1. (In this case, we say that SC2 is a predecessor of SC1, or SC1 is a successor of SC2.) Typically, it is desirable to allow the user in a superior class to derive the key of a subordinate class. In other words, a user in SC2 should be able to derive the key of SC1 if SC1 ≤ SC2. In this way, users in a superior security class don't need to keep the keys of all subordinate classes, but can still access the information possessed by these classes. On the other hand, for the purpose of security, a user should never be able to derive the key of a security class that is not subordinate to his own class. The problem outlined above is called the hierarchical access control problem. Kuo, Shen, Chen, and Lai proposed a solution to this problem based on Rabin's public key system and the Chinese Remainder Theorem. Chen and Chung presented an improved version of Kuo et al.'s scheme. In AT's scheme [1], each security class $SC_i$ is assigned a public parameter $T_i$ and a secret key $sk_i$, where $sk_i = sk_0^{T_i} \pmod{M}$. Note that $sk_0$ is the secret key of the Central Authority (hereafter called CA for brevity), and $M$ is the product of a secret pair of large prime numbers. If $SC_j \le SC_i$, then $T_j/T_i$ is an integer, and $SC_i$ can derive $sk_j$ according to the deduction:

$$sk_j = sk_0^{T_j} = sk_0^{T_i \cdot (T_j/T_i)} = sk_i^{T_j/T_i} \pmod{M}$$
In our hierarchical structure, an entity has access to another node if and only if the former is a superior of the latter. The access control scheme is for a hierarchy represented by an ordered set (oset). Our access control mechanism uses symmetric key cryptography and also the dual secret key cryptography approach. In dual secret key cryptography, objects are encrypted with one secret key created by the parent of a child node, also called the encryption key, and can only be decrypted by the parent node, who knows the secret key, also called the decryption key. A separate key-pair may be associated with every file and should only be distributed to principals who are allowed to access the file's data. Restricting the distribution of keys allows us to export the actual file to everybody. The two keys effectively act as capabilities, where the decryption key corresponds to a read capability and the encryption key corresponds to a write capability.
In contrast, if $SC_j \not\le SC_i$, then $T_j/T_i$ is not an integer and the key derivation fails. However, the size of $T_i$ grows as the number of security classes expands.
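The AT key derivation above, worked through on a small hierarchy. This is an added example, not code from the paper: the four-class poset, the toy primes and `SK0` are constructed, and the rule for building $T_i$ (the product of the primes of all classes not subordinate to $SC_i$) is the standard Akl-Taylor assignment, which the page does not spell out.

```python
from math import prod

# Constructed toy parameters; a real CA would use large secret primes.
P, Q = 1009, 1013
M = P * Q            # public modulus M (its factors stay with the CA)
SK0 = 123457         # constructed CA secret key sk0

# Constructed poset: each class maps to its immediate successors.
SUCCESSORS = {"SC1": ["SC2", "SC3"], "SC2": ["SC4"], "SC3": ["SC4"], "SC4": []}
# One distinct small prime per class, used to build the public parameters.
CLASS_PRIME = {"SC1": 2, "SC2": 3, "SC3": 5, "SC4": 7}


def subordinate_classes(cls):
    """Return every class SCk with SCk <= cls, including cls itself."""
    seen, stack = set(), [cls]
    while stack:
        current = stack.pop()
        if current not in seen:
            seen.add(current)
            stack.extend(SUCCESSORS[current])
    return seen


def public_parameter(cls):
    """T_i: product of the primes of all classes that are NOT <= SC_i."""
    below = subordinate_classes(cls)
    return prod(p for c, p in CLASS_PRIME.items() if c not in below)


T = {c: public_parameter(c) for c in SUCCESSORS}
SK = {c: pow(SK0, T[c], M) for c in SUCCESSORS}   # sk_i = sk0^T_i mod M


def derive_key(holder, target):
    """Derive sk_target from sk_holder; only works when target <= holder."""
    if T[target] % T[holder] != 0:
        # T_target / T_holder is not an integer, so derivation fails.
        raise PermissionError(f"{target} is not subordinate to {holder}")
    return pow(SK[holder], T[target] // T[holder], M)


def can_derive(holder, target):
    """True when the holder can reproduce the key the CA issued to target."""
    try:
        return derive_key(holder, target) == SK[target]
    except PermissionError:
        return False


if __name__ == "__main__":
    for holder in SUCCESSORS:
        reachable = [t for t in SUCCESSORS if can_derive(holder, t)]
        print(f"{holder}: T={T[holder]:>2}  derives {reachable}")
```

The lowest class already carries a parameter built from three primes; in a hierarchy of n classes a leaf's parameter multiplies up to n-1 primes, which is the growth in $T_i$ the paragraph refers to.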
However, read-write capabilities are part of an access control mechanism. The semantics of the encryption/decryption key-pair is universally valid. Dual secret key cryptography ensures integrity, authenticity and non-repudiation of the stored data, but confidentiality is not guaranteed.
A. Disadvantages of previous schemes
After all security checks have been made and the connection between two nodes in the hierarchy has been established, a symmetric key cryptography scheme such as the Diffie-Hellman scheme (which was the first public key cryptosystem) is used to transfer data between the nodes.
1. The part of the Chen-Chung scheme for adding a new security class is not correct, in that they fail to observe that the old value of $H_i$ for a predecessor $SC_i$ may not be a multiple of $n_{n+1}$. Therefore, the newly computed value of $H_i$ may not satisfy $H_i \bmod n_{n+1} = r_{n+1}$, which is necessary for key derivation.
2. The AT and MacKinnon et al. schemes succeed in reducing the value of $T_i$. Nevertheless, it remains an unsettled question that all existing secret keys need to be adjusted as the hierarchy changes.
3. The root is always busy for any type of communication.
4. If the secret key is exposed, then the security of the whole hierarchical structure collapses.
5. Users in a superior security class don't need to keep the keys of all subordinate classes, but can still access the information possessed by these classes.
6. Key replacements may affect the entire large key tree in the organization and cause remarkable computation cost.
III. PROPOSED AUTHENTICATED HIERARCHICAL ACCESS CONTROL SCHEME
A. Basics of our mechanism
In this paper, we propose a new scheme that achieves the best performance of previous schemes, is provably secure under our security model and is more flexible than the others.

B. The elements that are used in our approach
Our access control mechanism is based on the following elements: Root Node (CA); Node (end user or machine); Policy; Token. The following illustration (Fig 3) shows the relations between the elements in the list above.

Fig 3.

a. Root
The root works as the glue in the hierarchical structure. The root has authority to access any predecessor node. It has the authority to read or write in a predecessor node. The resource owner is always the root of trust for who can access his resources.

If the end user accesses information from a node that is a successor, or a successor of a successor, of its parent, then the CA has no relevant work to do here. If the end user accesses information from another node that is a successor, or a successor of a successor, of the CA, then the CA has to do two things:
1. The CA has to search for the node.
2. Check whether the requester node is authorized or not.

b. Node
A node can be an end user or a machine that can behave as a root to its successors. The root is also a node. The root works as the glue of the hierarchy. It controls access to the whole hierarchy.

c. Policy
The root sets the policy for which IP addresses and node information are valid, and which attributes/roles are needed for which types of access to his resources. A policy is a rule that grants access to a specific function or all functions of a node. For example, a policy may grant read access to a collection of nodes. A policy consists of the following elements:
1. A child node is only authenticated to its parent.
2. A child node can only access through its parent.

d. Token
A token is normally a combination of plain text and its digest. The plain text contains the sender's and receiver's identity (I-Node) and IP address. A token is assigned to a node. It is possible to create a token as needed; tokens are only created by child nodes. Here we use several types of token:
1. Request Token (RT)
2. Acknowledgement Token (AT)
3. Negative Acknowledgement Token (NAT)

e. Databases to be maintained
Information of Node (I-Node)
The information table contains the Node ID and Node IP address of other nodes. The table has only two columns.

Node1    132.23.234.21
Node2    13.23.234.231
Node3    32.23.24.21
Noden    21.23.234.12

Table 1

Dual Secret Key Table (DST)
The Dual Secret Key table contains the two secret keys of a parent and also the node ID of the nodes.

Node1    SK11    Sk21
Node2    SK12    Sk22
Node3    SK13    Sk23

Table 2
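How a parent could check a request token against the two tables, as an added example that is not the paper's code. Assumptions: HMAC-SHA256 stands in for the paper's own digest, the token is sent without the encryption layer, the length-prefixed field encoding and the "FORWARD" result (for a destination the parent does not know, which the scheme hands on to the parent's own parent) are choices made here, and the keys are constructed. The IP addresses come from the I-Node table above.

```python
import hashlib
import hmac
import struct

DIGEST_LEN = hashlib.sha256().digest_size

# I-Node table (IDs and IPs from the page) and DST with constructed keys:
# DST[node_id] = (parent's key for that child, child's own key).
I_NODE = {"Node1": "132.23.234.21", "Node2": "13.23.234.231", "Node3": "32.23.24.21"}
DST = {"Node1": (b"constructed-parent-key-1", b"constructed-child-key-1"),
       "Node2": (b"constructed-parent-key-2", b"constructed-child-key-2")}


def encode_fields(*fields):
    """Length-prefix every field so field boundaries cannot be shifted."""
    return b"".join(struct.pack(">H", len(f.encode())) + f.encode() for f in fields)


def decode_fields(blob, count):
    """Inverse of encode_fields; raises ValueError on malformed input."""
    fields, pos = [], 0
    for _ in range(count):
        if pos + 2 > len(blob):
            raise ValueError("truncated length")
        (size,) = struct.unpack_from(">H", blob, pos)
        pos += 2
        if pos + size > len(blob):
            raise ValueError("truncated field")
        fields.append(blob[pos:pos + size].decode())
        pos += size
    if pos != len(blob):
        raise ValueError("trailing bytes")
    return fields


def make_request_token(sk_child, sender_id, sender_ip, dest_id, dest_ip):
    """RT = PT || keyed digest of PT, built by the child node."""
    pt = encode_fields(sender_id, sender_ip, dest_id, dest_ip)
    return pt + hmac.new(sk_child, pt, hashlib.sha256).digest()


def check_request_token(token, i_node, dst):
    """Parent-side check; returns ("AT" | "NAT" | "FORWARD", detail)."""
    if len(token) <= DIGEST_LEN:
        return ("NAT", "token too short")
    pt, tag = token[:-DIGEST_LEN], token[-DIGEST_LEN:]
    try:
        sender_id, sender_ip, dest_id, dest_ip = decode_fields(pt, 4)
    except ValueError:
        return ("NAT", "malformed plain text")
    if sender_id not in dst:
        return ("NAT", "sender is not a child of this node")
    expected = hmac.new(dst[sender_id][1], pt, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):      # constant-time comparison
        return ("NAT", "digest mismatch")
    if i_node.get(sender_id) != sender_ip:
        return ("NAT", "sender IP does not match I-Node table")
    if dest_id not in i_node:
        return ("FORWARD", dest_id)                 # hand on to own parent
    if i_node[dest_id] != dest_ip:
        return ("NAT", "destination IP does not match I-Node table")
    return ("AT", dest_id)


if __name__ == "__main__":
    rt = make_request_token(DST["Node1"][1], "Node1", I_NODE["Node1"],
                            "Node2", I_NODE["Node2"])
    print(check_request_token(rt, I_NODE, DST))
```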
IV. PROPOSED AUTHENTICATED HIERARCHICAL ACCESS CONTROL SCHEMES ALGORITHMS
A. Addition of node in the Hierarchy
In our approach, Nodej ≤ Nodei indicates that the users in security class Nodei have a security clearance higher than or equal to those in security class Nodej. The symbol "≤" represents a relationship in which those on the left of the symbol have no write permission on those on the right of the symbol, while those on the right have permission to read or write. Let Nodej be a new security class to be added to the hierarchy. The process is as follows:
Step 1: Nodej is the new class to be added to the hierarchy. The new node can be added anywhere in the hierarchy.
Step 2: Nodej sends a plain text message to Nodei that contains the following fields:
i. Node ID
ii. Node IP address
Step 3: Using the dual secret key mechanism, Nodei creates two secret keys, one for itself and the other for its child, where ski is the secret key for Nodei and skj is the secret key for Nodej. Nodei keeps ski secret and sends skj to Nodej in a secure way.
Step 4: Nodei uses the one-way hash function that is used by the entire hierarchical structure to create a message digest that is used as the signature between Nodei and Nodej. The digest is created using the following:
a. Nodei node identity (ID)
b. Nodei node IP address
c. Nodej node identity (ID)
d. Nodej node IP address
e. Nodej's node secret key skj
The message digest is denoted by Hi.
Step 5: Nodei sends Hi to Nodej encrypted with its secret key.
Step 6: Nodej also makes a message digest using the following:
i. Nodej node identity (ID)
ii. Nodej node IP address
iii. Nodej's own secret key skj
iv. Nodei node identity (ID)
v. Nodei node IP address
The message digest is denoted by Hj.
Step 7: Nodej then compares the two values, i.e. Hi = Hj. If they are equal, it takes the secret key and also sends a copy of Hj to Nodei.
Step 8: Nodei compares Hj with Hi. If they match, it updates the Security Key table to keep the values of ski and skj. It also updates the Node information table to keep the Node ID and Node IP address of Nodej.
Step 9: Stop.

B. Deletion of node from the Hierarchy
Let Nodej be a security class that has to be deleted from the hierarchy.

Fig 4.

The process is as follows:
Step 1: The parent Nodei (Nodej ≤ Nodei) deletes the row from the secret key table that contains ski and skj.
Step 2: Nodei also deletes the row from the Node-I table that contains the Node ID and Node IP address.
Step 3: Nodei broadcasts a Negative Acknowledgement Token (NAT) to the other nodes in the hierarchy except Nodej. It tells them that the node is deleted and that they should update their Node information tables.

C. Node to node relationship in the hierarchy
In this approach, a node that wants to access a node in the hierarchy can get access only through its parent node. There is no supplementary way.
Step 1: Nodej makes a request token (RT), encrypted with Nodej's secret key SKji, to send to its parent node Nodei. The RT contains:
a. A plain text
b. A digest of the plain text

a. The plain text (PTj) contains:
i. The sender node's ID.
ii. The sender node's IP address.
iii. The desired node's ID.
iv. The desired node's IP address.

b. Message digest of the plain text (Hj)
The digest is made by combining the secret key of the sender.

Step 2: Nodej makes a packet containing PTj and the digest (Hj), called the request token. Nodej encrypts it using its skji and sends it to Nodei.

$$RT_j = [\, PT_j \parallel (H_j)_{sk_{ji}} \,]$$

Step 3: Nodei decrypts the request token using the secret key skij. It also makes a digest, Hi, by combining PTj and the secret key of Nodej, and compares the two values, i.e. Hi = Hj. If the two are equal, the RT is opened by Nodei to see the destination address of the desired node.
Step 4: Nodei matches the IP address of the wanted node against the entries of its Node-I table. If it finds a match in the table, it sends the RT, encrypted with the secret key of the desired node. If no match is found, Nodei sends a new RT (made by itself) to its own parent, using the secret key calculated by its parent, and sets it as inactive to its child. In this way security is checked. Step 4 is repeated until the desired destination IP address is found.

c. Session key establishment between two nodes using modified Diffie-Hellman key exchange

Fig 5.
Fig 6.

Let Nodei have found Nodej as the wanted node. The relationship between the nodes (security classes) is as follows: Nodej ≤ Nodei and Nodek ≤ Nodei. The steps are as follows:
Step 1: Nodei takes two primes p and g.
Step 2: Nodei sends p and g to Nodej and Nodek.
Step 3: Nodej takes its secret key skj and, using p and g, calculates Kj:
$$K_j = g^{sk_j} \bmod p$$
and sends it to Nodei.
Step 4: Similarly, Nodek calculates Kk:
$$K_k = g^{sk_k} \bmod p$$
and sends it to Nodei.
Step 5: Nodei sends Kk to Nodej and Kj to Nodek.
Step 6: Nodej calculates $SK = (K_k)^{sk_j} \bmod p$.
Step 7: Nodek calculates $SK = (K_j)^{sk_k} \bmod p$.
This is the symmetric session key between Nodej and Nodek.
Step 8: After Step 7, Nodei makes the process that was used for this operation inactive. It is made inactive by setting the control bit value to 00. To an outsider this looks as if Nodej and Nodek are connected directly.
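The relayed exchange of Steps 1 to 7, with the checks each child would want to run on what it receives from Nodei. This is an added example, not the paper's code: the toy group (p = 2039, g = 2) and the exponents are constructed, and the parameter and public-value validation is hardening added here rather than part of the described steps.

```python
import secrets


def is_prime(n):
    """Trial division; adequate only for the toy-sized modulus used here."""
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True


def validate_params(p, g):
    """Check run by Nodej and Nodek on the (p, g) received from Nodei."""
    q = (p - 1) // 2
    if p < 5 or not (is_prime(p) and is_prime(q)):   # p must be a safe prime
        return False
    if not (2 <= g <= p - 2):
        return False
    return pow(g, q, p) == 1      # g generates the subgroup of prime order q


def public_value(sk, p, g):
    """Steps 3 and 4: K = g^sk mod p."""
    return pow(g, sk, p)


def session_key(peer_value, sk, p):
    """Steps 6 and 7: SK = (peer K)^sk mod p, after checking the relayed value."""
    q = (p - 1) // 2
    if not (2 <= peer_value <= p - 2) or pow(peer_value, q, p) != 1:
        raise ValueError("relayed public value is outside the expected subgroup")
    return pow(peer_value, sk, p)


def relayed_exchange(p, g, sk_j, sk_k):
    """Run Steps 1-7 with Nodei relaying; returns (SK at Nodej, SK at Nodek)."""
    if not validate_params(p, g):            # Steps 1-2, checked by each child
        raise ValueError("group parameters rejected")
    k_j = public_value(sk_j, p, g)           # Step 3: Nodej -> Nodei
    k_k = public_value(sk_k, p, g)           # Step 4: Nodek -> Nodei
    # Step 5: Nodei forwards K_k to Nodej and K_j to Nodek.
    return session_key(k_k, sk_j, p), session_key(k_j, sk_k, p)


# Constructed toy group: p = 2039 is a safe prime (q = 1019), g = 2 has order q.
P_TOY, G_TOY = 2039, 2

if __name__ == "__main__":
    sk_j = 1 + secrets.randbelow(1018)   # constructed secret exponents in [1, q-1]
    sk_k = 1 + secrets.randbelow(1018)
    at_j, at_k = relayed_exchange(P_TOY, G_TOY, sk_j, sk_k)
    print("session keys match:", at_j == at_k)
```

Nodei sees and forwards both public values, so the two endpoints depend on their parent relaying them unmodified; the range and subgroup checks only exclude degenerate values.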
d. Proposed message digest creation algorithm:
Step 1: Let the source file be a text file and the destination file be the file digest.
Step 2: Read each line from the text file using a while loop.
a) Read each character in the line.
b) Convert the character into its ASCII value.
c) Store the values in an array list.
d) Repeat step 2 until the end of the text file.
Step 3: Count the array list size.
Step 4: Take the square root of the array size and convert it to an integer value using the round function. If the square of it is less than the size of the array list, then add 1 to that integer value (square root of arrayList). If (integer value + 1) is odd, then again add 1 to it. If the square of the evaluated integer is not equal to the size of the array list, then resize it by inserting 1 until the size equals the square of the evaluated integer.
Step 5: Now convert the array list into a one-dimensional array and then a two-dimensional array.
Step 6: Pick up the elements diagonally, one by one, from the two-dimensional array and insert them in an array list. Let the name of this array list be arraylist_file.
Step 7: Now read the KeyValue. Convert each character into its ASCII value. Store the values in an array list.
Step 8: Do the same steps from 3 to 9. Let the name of this array list be arrayList_KeyValue.
Compare the sizes of these two array lists and consider the greater size. The other array list is resized by inserting 1 until it reaches the greater size.
Do steps 4 and 5 for the two array lists.
Do steps 7 and 8 for the two array lists.
Do the matrix addition.
Convert each element of the final matrix into its ASCII value and add them to a string.
Store the string in the destination file, FileDiagest.

V. ADVANTAGE OF PROPOSED AUTHENTICATED HIERARCHICAL ACCESS CONTROL SCHEMES
i. Dual secret key cryptography ensures secrecy and authenticity of the stored data.
ii. In our message digest technique we add further security by including one of the secret keys in the digest. So making two equal message digests is not possible in any way.
iii. The root is not overloaded. There is no need to go to the root node every time for data communication.
iv. For security, the model is more flexible because in place of the dual secret key anyone can use any other asymmetric key algorithm.
v. For data transfer, the model is more flexible because any symmetric key algorithm can be used.
vi. In the previous approaches the connections with other nodes are permanent, and it can happen that they do not communicate with each other any further; but we use a symmetric session key algorithm, so the communication is not made permanent, and after a session the communication is broken down.
vii. The users can change their secret keys anytime and anywhere for the sake of security.

VI. CONCLUSIONS
In this paper we proposed a new access control scheme for oset hierarchy. This scheme is concrete and practical for implementation. It supports any arbitrary oset, achieves the best performance of previous schemes, and provides formal security under a comprehensive security model. None of the previous schemes achieved these properties as fully as ours does. Our scheme provides a solution of theoretical and also practical significance for the hierarchical access control problem. The proposed scheme is endowed with four characteristics as follows:
1. The key generation/derivation algorithms are simple. One can use any key generation algorithm (e.g. RSA).
2. When a new class is added into an existing one or deleted from the system, the other existing secret keys remain unchanged.
3. Each user can select or change his/her secret key randomly for various security considerations; that means the key generation is flexible.
4. The addition of a node can be made anywhere in the hierarchical tree structure.

REFERENCES
[1] Alper UĞUR, İbrahim SOĞUKPINAR, "A New Hierarchical Signature Scheme With Authorization", Aralık (December) 2007.
[2] Jiang Wu and Ruizhong Wei, "An Access Control Scheme for Partially Ordered Set Hierarchy with Provable Security".
[3] Hsiang-An Wen, Chein-Min Lo and Tzonelih Hwang, "Publicly verifiable authenticated encryption".
[4] Alper UĞUR, İbrahim SOĞUKPINAR, "A New Hierarchical Signature Scheme With Authorization".
[5] D. Chaum, H. V. Antwerpen, "Undeniable Signatures", CRYPTO '89, LNCS 435, Springer-Verlag, pp. 212-217.
[6] http://en.wikipedia.org/wiki/Hierarchical_Structure
[7] http://en.wikipedia.org/wiki/Access_control
[8] G.I. Davida, D.L. Wells, J.B. Kam, A database encryption system with subkeys, ACM Transactions on Database Systems 6 (2) (1981) 312–328.
[9] D.E. Denning, Cryptography and Data Security, Addison-Wesley, Massachusetts, 1983, Chapter 2.
[10] D.E. Denning, S.G. Akl, M. Morgenstern, P.G. Neumann, Views for multilevel database security, in: Proceedings of 1986 IEEE on Security and Privacy, Oakland, CA, 1986, pp. 156–172.
[11] D.E. Denning, Cryptographic checksums for multilevel database security, in: Proceedings of 1984 IEEE on Security and Privacy, Oakland, CA, 1984, pp. 52–61.