Yet another attack on the chinese remainder theorem-based hierarchical access control scheme



The hierarchical access control scheme based on Chinese Reminder Theorem (CRTHACS) was supposed to be capable of hiding the hierarchical structure of a group, but Geiselmann et al. showed practical attacks on CRTHACS to reveal the hierarchies it hides. Then, Zou et al. modified it and gave a new CRTHACS to resist those attacks. Nevertheless, we find that the modified version is still defective if it permits changes of structure, that is, the scheme works in a dynamic scenario. In this paper, we describe our attack on the modified version of CRTHACS. We extend the description of the CRTHACS in a more proper form to make it easier for us to look into the problem it has. We find out the key character of the vulnerability, which we name as double-invariance. We generalize our attack in an algebraic form and apply it to a series of hierarchical cryptographic access control schemes that share the same vulnerability with CRTHACS. We also give the countermeasure to fix this vulnerability. Copyright © 2013 John Wiley & Sons, Ltd.