Comments on 'dynamic key management schemes for access control in a hierarchy'

In 1997, Lin proposed a new dynamic access control scheme with a central au thority for users organized in a hierarchy. The author claimed that the new scheme has many advantages, e.g. any class can change its group key for se curity reasons without affecting the others. However, this paper will show that once the old group key of a class is exposed, the newly chosen group k ey can be easily derived by the old key. Moreover, we shall show that if th e identity of a class has a few bits different from those of the other clas ses, a user in the class can easily derive the group keys of these classes to which he/she is not entitled. (C) 1999 Elsevier Science BV. All rights r eserved.