In 2004, Yang and Li proposed an access control mechanism in a hierarchy. Since the key generation and key derivation of their scheme are based on public one-way hash functions, the computation loads for each authorized user deriving the secret keys are quite light. Yang-Li scheme consists of five main operations: the key generation operation, the key derivation operation, the adding nodes operation, the deleting nodes operation and the modifying relationships operation. In this article, we point out several security weaknesses of Yang-Li scheme and then propose some modifications to repair Yang-Li scheme such that it could be applied in the real world.
Relation:
Journal of Discrete Mathematical Sciences & Cryptography 9(3): 573-582
