Property-Based Attestation without a Trusted Third Party

  • Liqun Chen
  • Hans Löhr
  • Mark Manulis
  • Ahmad-Reza Sadeghi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5222)


The Trusted Computing Group (TCG) has proposed the binary attestation mechanism that enables a computing platform with a dedicated security chip, the Trusted Platform Module (TPM), to report its state to remote parties. The concept of property-based attestation (PBA) improves the binary attestation and compensates for some of its main deficiencies. In particular, PBA enhances user privacy by allowing the trusted platform to prove to a remote entity that it has certain properties without revealing its own configuration.

The existing PBA solutions, however, require a Trusted Third Party (TTP) to provide a reliable link of configurations to properties, e.g., by means of certificates. We present a new privacy-preserving PBA approach that avoids such a TTP. We define a formal model, propose an efficient protocol based on the ideas of ring signatures, and prove its security. The cryptographic technique deployed in our protocol is of independent interest, as it shows how ring signatures can be used to efficiently prove the knowledge of an element in a list without disclosing it.


Property-based attestation user privacy ring signatures proof of membership configuration anonymity 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abe, M., Ohkubo, M., Suzuki, K.: 1-out-of-n signatures from a variety of keys. In ASIACRYPT 2002, LNCS vol. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 415–432. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  2. 2.
    Bender, A., Katz, J., Morselli, R.: Ring Signatures: Stronger Definitions, and Constructions without Random Oracles. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 60–79. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  3. 3.
    Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: Pfitzmann, B., Liu, P. (eds.) Proceedings of ACM CCS 2004, pp. 132–145. ACM Press, New York (2004)CrossRefGoogle Scholar
  4. 4.
    Brickell, E., Chen, L., Li, J.: A new direct anonymous attestation scheme from bilinear maps. In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) TRUST 2008. LNCS, vol. 4968. Springer, Heidelberg (2008)Google Scholar
  5. 5.
    Brickell, E., Li, J.: Enhanced Privacy ID: A direct anonymous attestation scheme with enhanced revocation capabilities. In: Proceedings of the 6th Workshop on Privacy in the Electronic Society (WPES 2007), pp. 21–30. ACM Press, New York (2007)CrossRefGoogle Scholar
  6. 6.
    Camenisch, J.: Better privacy for trusted computing platforms. In: Samarati, P., Ryan, P.Y.A., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 73–88. Springer, Heidelberg (2004)Google Scholar
  7. 7.
    Camenisch, J., Michels, M.: Proving in Zero-Knowledge that a Number Is the Product of Two Safe Primes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 107–122. Springer, Heidelberg (1999)Google Scholar
  8. 8.
    Camenisch, J., Stadler, M.: Proof Systems for General Statements about Discrete Logarithms. Technical Report TR 260, Dep. of Computer Science, ETH Zürich (March 1997)Google Scholar
  9. 9.
    Chandran, N., Groth, J., Sahai, A.: Ring Signatures of Sub-linear Size Without Random Oracles. In: Arge, L., Cachin, C., Jurdziński, T., Tarlecki, A. (eds.) ICALP 2007. LNCS, vol. 4596, pp. 423–434. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  10. 10.
    Chaum, D., van Antwerpen, H.: Undeniable signatures. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 212–216. Springer, Heidelberg (1990)Google Scholar
  11. 11.
    Chen, L., Landfermann, R., Löhr, H., Rohe, M., Sadeghi, A., Stüble, C.: A Protocol for Property-Based Attestation. In: Proceedings of ACM STC 2006, pp. 7–16. ACM Press, New York (2006)Google Scholar
  12. 12.
    Dodis, Y., Kiayias, A., Nicolosi, A., Shoup, V.: Anonymous identification in ad hoc groups. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 609–626. Springer, Heidelberg (2004)Google Scholar
  13. 13.
    Fujisaki, E., Okamoto, T.: Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 16–30. Springer, Heidelberg (1997)Google Scholar
  14. 14.
    Kühn, U., Selhorst, M., Stüble, C.: Realizing Property-Based Attestation and Sealing on Commonly Available Hard- and Software. In: ACM STC 2007, pp. 50–57. ACM Press, New York (2007)Google Scholar
  15. 15.
    Micali, S., Rabin, M.O., Kilian, J.: Zero-Knowledge Sets. In: Proceedings of the 44th Symposium on Foundations of Computer Science (FOCS 2003), pp. 80–91. IEEE Computer Society, Los Alamitos (2003)CrossRefGoogle Scholar
  16. 16.
    National Institute of Standards and Technology (NIST). Secure Hash Standard (SHS). FIPS PUB 180-2 (August 2002)Google Scholar
  17. 17.
    National Institute of Standards and Technology (NIST). Digital Signature Standard (DSS). FIPS PUB 186-3 (Draft) (March 2006)Google Scholar
  18. 18.
    Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)Google Scholar
  19. 19.
    Poritz, J., Schunter, M., van Herreweghen, E., Waidner, M.: Property Attestation – Scalable and Privacy-friendly Security Assessment of Peer Computers. IBM Research Report RZ 3548 (# 99559) (October 2004)Google Scholar
  20. 20.
    Rivest, R., Shamir, A., Tauman, Y.: How to Leak a Secret. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 552–565. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  21. 21.
    Sadeghi, A., Stüble, C.: Property-based attestation for computing platforms: Caring about properties, not mechanisms. In: Proceedings of NSPW 2004, pp. 67–77. ACM Press, New York (2004)Google Scholar
  22. 22.
    Schnorr, C.P.: Efficient Signature Generation by Smart Cards. J. Cryptology 4(3), 161–174 (1991)zbMATHCrossRefMathSciNetGoogle Scholar
  23. 23.
    Shacham, H., Waters, B.: Efficient Ring Signatures without Random Oracles. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 166–180. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  24. 24.
    Shoup, V.: Sequences of games: a tool for taming complexity in security proofs. Cryptology ePrint Archive, Report 2004/332 (2004),
  25. 25.
    Trusted Computing Group. TCG TPM Specification, Version 1.2,

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Liqun Chen
    • 1
  • Hans Löhr
    • 2
  • Mark Manulis
    • 3
  • Ahmad-Reza Sadeghi
    • 2
  1. 1.HP LaboratoriesBristolUK
  2. 2.Horst Görtz Institute for IT SecurityRuhr-University of BochumGermany
  3. 3.UCL Crypto GroupUniversité Catholique de LouvainBelgium

Personalised recommendations