A DAA Scheme Requiring Less TPM Resources

  • Liqun Chen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6151)

Abstract

Direct anonymous attestation (DAA) is a special digital signature primitive, which provides a balance between signer authentication and privacy. One of the most interesting properties that makes this primitive attractive in practice is its construction of signers. The signer role of DAA is split between two entities: a principal signer (a trusted platform module (TPM)) with limited computational capability, and an assistant signer (a computer platform into which the TPM is embedded) with more computational power but less security tolerance. Our first contribution in this paper is a new DAA scheme that requires very few TPM resources. This new scheme has better performance than the existing DAA schemes and is provably secure based on the q-SDH problem and the DDH problem under the random oracle model. Our second contribution is a modification of the DAA security model defined in [12] to cover the property of non-frameability.

Keywords

direct anonymous attestation, trusted platform module, bilinear map

References

  1. Au, M.H., Susilo, W., Mu, Y.: Constant-size dynamic k-TAA. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 111–125. Springer, Heidelberg (2006)
  2. Backes, M., Maffei, M., Unruh, D.: Zero knowledge in the applied Pi–calculus and automated verification of the direct anonymous attestation protocol. In: IEEE Symposium on Security and Privacy – SSP 2008, pp. 202–215 (2008)
  3. Balfe, S., Lakhani, A.D., Paterson, K.G.: Securing peer-to-peer networks using trusted computing. In: Mitchell (ed.) Trusted Computing, ch. 10, pp. 271–298. IEEE, London (2005)
  4. Bellare, M., Micciancio, D., Warinschi, B.: Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614–629. Springer, Heidelberg (2003)
  5. Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: The 1st ACM Conference on Computer and Communications Security, pp. 62–73. ACM Press, New York (1993)
  6. Bellare, M., Shi, H., Zhang, C.: Foundations of group signatures: The case of dynamic groups. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 136–153. Springer, Heidelberg (2005)
  7. Boneh, D., Boyen, X.: Short signatures without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 56–73. Springer, Heidelberg (2004)
  8. Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004)
  9. Boyd, C., Pavlovski, C.: Attacking and repairing batch verification schemes. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 58–71. Springer, Heidelberg (2000)
  10. Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: The 11th ACM Conference on Computer and Communications Security, pp. 132–145. ACM Press, New York (2004)
  11. Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation in context. In: Mitchell (ed.) Trusted Computing, ch. 5, pp. 143–174. IEEE, London (2005)
  12. Brickell, E., Chen, L., Li, J.: Simplified security notions for direct anonymous attestation and a concrete scheme from pairings. Int. Journal of Information Security 8, 315–330 (2009)
  13. Brickell, E., Chen, L., Li, J.: A new direct anonymous attestation scheme from bilinear maps. In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) Trust 2008. LNCS, vol. 4968, pp. 166–178. Springer, Heidelberg (2008)
  14. Brickell, E., Li, J.: Enhanced privacy ID: A direct anonymous attestation scheme with enhanced revocation capabilities. In: The 6th ACM Workshop on Privacy in the Electronic Society – WPES 2007, pp. 21–30. ACM Press, New York (2007)
  15. Brickell, E., Li, J.: Enhanced privacy ID from bilinear pairing. In: Cryptology ePrint Archive. Report 2009/095, http://eprint.iacr.org/2009/095
  16. Canard, S., Traore, J.: List signature schemes and application to electronic voting. Presented in International Workshop on Coding and Cryptography 2003 (2003); See also the Journal Version of This Paper by Canard, S., Schoenmakers, B., Stam, M., Traore, J.: List signature schemes. Discrete Applied Mathematics 154(2), 189–201 (2006)
  17. Chen, L.: A DAA scheme requiring less TPM resources. In: Cryptology ePrint Archive. Report 2010/008, http://eprint.iacr.org/2010/008
  18. Chen, L., Cheng, Z., Smart, N.P.: Identity-based key agreement protocols from pairings. Int. Journal of Information Security 6, 213–242 (2007)
  19. Chen, L., Li, J.: A note on the Chen-Morrissey-Smart Direct Anonymous Attestation scheme (preprint)
  20. Chen, L., Morrissey, P., Smart, N.P.: Pairings in trusted computing. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 1–17. Springer, Heidelberg (2008)
  21. Chen, L., Morrissey, P., Smart, N.P.: On proofs of security of DAA schemes. In: Baek, J., Bao, F., Chen, K., Lai, X. (eds.) ProvSec 2008. LNCS, vol. 5324, pp. 156–175. Springer, Heidelberg (2008)
  22. Chen, L., Morrissey, P., Smart, N.P.: DAA: Fixing the pairing based protocols. In: Cryptology ePrint Archive. Report 2009/198, http://eprint.iacr.org/2009/198
  23. Chen, X., Feng, D.: Direct anonymous attestation for next generation TPM. Journal of Computers 3(12), 43–50 (2008)
  24. Delerablee, C., Pointcheval, D.: Dynamic fully anonymous short group signatures. In: Nguyên, P.Q. (ed.) VIETCRYPT 2006. LNCS, vol. 4341, pp. 193–210. Springer, Heidelberg (2006), http://www.di.ens.fr/users/pointche/Documents/Papers/2006_vietcrypt.pdf for a corrected version of this paper
  25. Galbraith, S., Paterson, K., Smart, N.P.: Pairings for cryptographers. Discrete Applied Mathematics 156, 3113–3121 (2008)
  26. Ge, H., Tate, S.R.: A Direct anonymous attestation scheme for embedded devices. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 16–30. Springer, Heidelberg (2007)
  27. ISO/IEC 11889:2009 Information technology – Security techniques – Trusted Platform Module
  28. ISO/IEC 14888-3 Information technology – Security techniques – Digital signatures with appendix – Part 3: Discrete logarithm based mechanisms
  29. Leung, A., Chen, L., Mitchell, C.J.: On a possible privacy flaw in direct anonymous attestation (DAA). In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) Trust 2008. LNCS, vol. 4968, pp. 179–190. Springer, Heidelberg (2008)
  30. Lim, C.H., Lee, P.J.: A key recovery attack on discrete log-based schemes using a prime order subgroup. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 249–263. Springer, Heidelberg (1997)
  31. Lysyanskaya, A., Rivest, R., Sahai, A., Wolf, S.: Pseudonym systems. In: Heys, H.M., Adams, C.M. (eds.) SAC 1999. LNCS, vol. 1758, pp. 184–199. Springer, Heidelberg (2000)
  32. Pashalidis, A., Mitchell, C.J.: Single sign-on using TCG-conformant platforms. In: Mitchell (ed.) Trusted Computing, ch. 6, pp. 175–193. IEEE, London (2005)
  33. Rudolph, C.: Covert identity information in direct anonymous attestation (DAA). In: The 22nd IFIP TC-11 International Information Security Conference – SEC 2007 (2007)
  34. Schnorr, C.P.: Efficient identification and signatures for smart cards. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 239–252. Springer, Heidelberg (1990)
  35. Smyth, B., Chen, L., Ryan, M.: Direct Anonymous Attestation (DAA): Ensuring privacy with corrupt administrators. In: Stajano, F., Meadows, C., Capkun, S., Moore, T. (eds.) ESAS 2007. LNCS, vol. 4572, pp. 218–231. Springer, Heidelberg (2007)
  36. Trusted Computing Group. TCG TPM specification 1.2 (2003), http://www.trustedcomputinggroup.org

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Liqun Chen (1)

  1. Hewlett-Packard Laboratories, UK