Skip to main content
SpringerLink
Log in

A (Corrected) DAA Scheme Using Batch Proof and Verification

  • Conference paper
Trusted Systems (INTRUST 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7222))

Included in the following conference series:

Abstract

Direct anonymous attestation (DAA) is a cryptographic primitive for providing anonymous signatures, and is a part of trusted computing technology from the Trusted Computing Group (TCG). DAA offers a nice balance between user authentication and privacy. One active research topic in trusted computing community is to develop DAA schemes that require minimum TPM resources. In 2010, Chen introduced a new DAA scheme using batch proof and verification. In this scheme, the TPM only needs to perform one or two exponentiations to create a DAA signature, depending on whether linkability is required. In this paper, we demonstrate an attack to this DAA scheme. The attack allows any malicious host to forge linkable DAA signatures without knowing the private key. We also present a patch to this DAA scheme to mitigate the attack. Our new DAA scheme has the same computational requirement for a TPM. We formally prove the new DAA scheme is secure in the random oracle model under the blind-4 bilinear LRSW assumption, the DDH assumption, and the gap-DL assumption.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Au, M.H., Susilo, W., Mu, Y.: Constant-Size Dynamic k-TAA. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 111–125. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  2. Abdalla, M., An, J.H., Bellare, M., Namprempre, C.: From Identification to Signatures via the Fiat-Shamir Transform: Minimizing Assumptions for Security and Forward-Security. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 418–433. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  3. Backes, M., Maffei, M., Unruh, D.: Zero knowledge in the applied Pi–calculus and automated verification of the direct anonymous attestation protocol. In: IEEE Symposium on Security and Privacy – SSP 2008, pp. 202–215 (2008)

    Google Scholar 

  4. Balfe, S., Lakhani, A.D., Paterson, K.G.: Securing peer-to-peer networks using trusted computing. In: Mitchell (ed.) Chapter 10 of Trusted Computing, pp. 271–298. IEEE, London (2005)

    Google Scholar 

  5. Bellare, M., Garay, J.A., Rabin, T.: Fast Batch Verification for Modular Exponentiation and Digital Signatures. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 236–250. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  6. Bellare, M., Micciancio, D., Warinschi, B.: Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General Assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614–629. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  7. Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: The 1st ACM Conference on Computer and Communications Security, pp. 62–73. ACM Press (1993)

    Google Scholar 

  8. Bellare, M., Shi, H., Zhang, C.: Foundations of Group Signatures: The Case of Dynamic Groups. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 136–153. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  9. Bernhard, D., Fuchsbauer, G., Ghadafi, E., Smart, N.P., Warinschi, B.: Anonymous attestation with user-controlled linkability (manuscript)

    Google Scholar 

  10. Boneh, D., Boyen, X.: Short Signatures Without Random Oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  11. Boyd, C., Pavlovski, C.: Attacking and Repairing Batch Verification Schemes. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 58–71. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  12. Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: The 11th ACM Conference on Computer and Communications Security, pp. 132–145. ACM Press (2004)

    Google Scholar 

  13. Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation in context. In: Mitchell (ed.) Chapter 5 of Trusted Computing, pp. 143–174. IEEE, London (2005)

    Chapter  Google Scholar 

  14. Brickell, E., Chen, L., Li, J.: Simplified security notions for direct anonymous attestation and a concrete scheme from pairings. Int. Journal of Information Security 8, 315–330 (2009)

    Article  Google Scholar 

  15. Brickell, E., Chen, L., Li, J.: A New Direct Anonymous Attestation Scheme from Bilinear Maps. In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) Trust 2008. LNCS, vol. 4968, pp. 166–178. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  16. Brickell, E., Li, J.: Enhanced privacy ID: A direct anonymous attestation scheme with enhanced revocation capabilities. In: The 6th ACM Workshop on Privacy in the Electronic Society – WPES 2007, pp. 21–30. ACM Press (2007)

    Google Scholar 

  17. Brickell, E., Li, J.: Enhanced privacy ID from bilinear pairing. Cryptology ePrint Archive. Report 2009/095 (2009), http://eprint.iacr.org/2009/095

  18. Brickell, E., Li, J.: A pairing-based DAA scheme furhter reducing TPM resources. In: This proceedings

    Google Scholar 

  19. Camenisch, J., Groth, J.: Group Signatures: Better Efficiency and New Theoretical Aspects. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 120–133. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  20. Camenisch, J., Lysyanskaya, A.: Signature Schemes and Anonymous Credentials from Bilinear Maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)

    Google Scholar 

  21. Canard, S., Traore, J.: List signature schemes and application to electronic voting. Presented in International Workshop on Coding and Cryptography (2003); see also the journal version of this paper by Canard, S., Schoenmakers, B., Stam, M., Traore, J.: List signature schemes. Discrete Applied Mathematics 154(2), 189–201 (2006)

    Google Scholar 

  22. Chen, L.: A DAA Scheme Requiring Less TPM Resources. In: Bao, F., Yung, M., Lin, D., Jing, J. (eds.) Inscrypt 2009. LNCS, vol. 6151, pp. 350–365. Springer, Heidelberg (2010); the full paper is in Cryptology ePrint Archive. Report 2010/008, http://eprint.iacr.org/2010/008

    Chapter  Google Scholar 

  23. Chen, L.: A DAA Scheme Using Batch Proof and Verification. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol. 6101, pp. 166–180. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  24. Chen, L., Cheng, Z., Smart, N.P.: Identity-based key agreement protocols from pairings. Int. Journal of Information Security 6, 213–242 (2007)

    Article  Google Scholar 

  25. Chen, L., Li, J.: A note on the Chen-Morrissey-Smart DAA scheme (preprint)

    Google Scholar 

  26. Chen, L., Morrissey, P., Smart, N.P.: Pairings in Trusted Computing. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 1–17. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  27. Chen, L., Morrissey, P., Smart, N.P.: On Proofs of Security for DAA Schemes. In: Baek, J., Bao, F., Chen, K., Lai, X. (eds.) ProvSec 2008. LNCS, vol. 5324, pp. 156–175. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  28. Chen, L., Morrissey, P., Smart, N.P.: DAA: Fixing the pairing based protocols. Cryptology ePrint Archive. Report 2009/198 (2009), http://eprint.iacr.org/2009/198

  29. Chen, X., Feng, D.: Direct anonymous attestation for next generation TPM. Journal of Computers 3(12), 43–50 (2008)

    MathSciNet  Google Scholar 

  30. Chen, L., Page, D., Smart, N.P.: On the Design and Implementation of an Efficient DAA Scheme. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 223–237. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  31. Fiat, A., Shamir, A.: How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)

    Google Scholar 

  32. Galbraith, S., Paterson, K., Smart, N.P.: Pairings for cryptographers. Discrete Applied Mathematics 156, 3113–3121 (2008)

    Article  MathSciNet  MATH  Google Scholar 

  33. Ge, H., Tate, S.R.: A Direct Anonymous Attestation Scheme for Embedded Devices. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 16–30. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  34. Granger, R., Smart, N.P.: On computing products of pairings. Cryptology ePrint Archive. Report 2006/172 (2006), http://eprint.iacr.org/2006/172

  35. Hoshino, F., Abe, M., Kobayashi, T.: Lenient/Strict Batch Verification in Several Groups. In: Davida, G.I., Frankel, Y. (eds.) ISC 2001. LNCS, vol. 2200, pp. 81–94. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  36. ISO/IEC 11889:2009 Information technology – Security techniques – Trusted Platform Module

    Google Scholar 

  37. ISO/IEC 14888-3 Information technology – Security techniques – Digital signatures with appendix – Part 3: Discrete logarithm based mechanisms

    Google Scholar 

  38. Leung, A., Chen, L., Mitchell, C.J.: On a Possible Privacy Flaw in Direct Anonymous Attestation (DAA). In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) Trust 2008. LNCS, vol. 4968, pp. 179–190. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  39. Leung, A., Mitchell, C.J.: Ninja: Non Identity Based, Privacy Preserving Authentication for Ubiquitous Environments. In: Krumm, J., Abowd, G.D., Seneviratne, A., Strang, T. (eds.) UbiComp 2007. LNCS, vol. 4717, pp. 73–90. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  40. Lysyanskaya, A., Rivest, R.L., Sahai, A., Wolf, S.: Pseudonym Systems (Extended Abstract). In: Heys, H.M., Adams, C.M. (eds.) SAC 1999. LNCS, vol. 1758, pp. 184–199. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  41. Pashalidis, A., Mitchell, C.J.: Single sign-on using TCG-conformant platforms. In: Mitchell (ed.) Chapter 6 of Trusted Computing, pp. 175–193. IEEE, London (2005)

    Google Scholar 

  42. Peng, K., Boyd, C., Dawson, E.: Batch zero-knowledge proof and verification and its applications. ACM Trans. Inf. Syst. Secur. 10(2), article 6 (2007)

    Google Scholar 

  43. Rudolph, C.: Covert Identity Information in Direct Anonymous Attestation (DAA). In: Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von Solms, R. (eds.) SEC 2007. IFIP, vol. 232, pp. 443–448. Springer, Boston (2007)

    Google Scholar 

  44. Schnorr, C.P.: Efficient Identification and Signatures for Smart Cards. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 239–252. Springer, Heidelberg (1990)

    Google Scholar 

  45. Smyth, B., Ryan, M., Chen, L.: Direct Anonymous Attestation (DAA): Ensuring Privacy with Corrupt Administrators. In: Stajano, F., Meadows, C., Capkun, S., Moore, T. (eds.) ESAS 2007. LNCS, vol. 4572, pp. 218–231. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  46. Trusted Computing Group. TCG TPM specification 1.2. (2003), http://www.trustedcomputinggroup.org

Download references

Author information

Authors and Affiliations

  1. Intel Corporation, Hillsboro, Oregon, USA

    Ernie Brickell & Jiangtao Li

  2. Hewlett-Packard Laboratories, Bristol, UK

    Liqun Chen

Authors
  1. Ernie Brickell
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Liqun Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jiangtao Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Hewlett-Packard Laboratories, Long Down Avenue, BS34 8QZ, Stoke Gifford, Bristol, UK

    Liqun Chen

  2. Computer Science Department, Columbia University, Room 465, S.W. Mudd Building, 10027, New York, NY, USA

    Moti Yung

  3. Institute of Technology, Beijing Key Lab of Intelligent Information Technology, 100081, Beijing, China

    Liehuang Zhu

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Brickell, E., Chen, L., Li, J. (2012). A (Corrected) DAA Scheme Using Batch Proof and Verification. In: Chen, L., Yung, M., Zhu, L. (eds) Trusted Systems. INTRUST 2011. Lecture Notes in Computer Science, vol 7222. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32298-3_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-32298-3_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-32297-6

  • Online ISBN: 978-3-642-32298-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation