Implementation Aspects of Anonymous Credential Systems for Mobile Trusted Platforms

  • Kurt Dietrich
  • Johannes Winter
  • Granit Luzhnica
  • Siegfried Podesser
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7025)

Abstract

Anonymity and privacy protection are very important issues for Trusted Computing enabled platforms. Protection mechanisms are required in order to hide activities of the trusted platforms when performing cryptography based transactions over the Internet, which would otherwise compromise the platform’s privacy and with it the users’s anonymity. In order to address this problem, the Trusted Computing Group (TCG) has introduced two concepts addressing the question how the anonymity of Trusted Platform Modules (TPMs) and their enclosing platforms can be protected. The most promising of these two concepts is the Direct Anonymous Attestation (DAA) scheme which eliminates the requirement of a remote authority but includes complex mathematical computations. Moreover, DAA requires a comprehensive infrastructure consisting of various components in order to allow anonymous signatures to be used in real-world scenarios. In this paper, we discuss the results of our analysis of an infrastructure for anonymous credential systems which is focused on the Direct Anonymous Attestation (DAA) scheme as specified by the TCG. For the analysis, we especially focus on mobile trusted platforms and their requirements. We discuss our experiences and experimental results when designing and implementing the infrastructure and give suggestions for improvements and propose concepts and models for - from our point of view - missing components.

Keywords

Trusted Third Party Trusted Platform Module Java Virtual Machine Group Credential Trust Computing Group 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Berna, S., Yalcin, O. (eds.): RFIDSec 2010. LNCS, vol. 6370. Springer, Heidelberg (2010)Google Scholar
  2. 2.
    Bichsel, P., Camenisch, J., Groß, T., Shoup, V.: Anonymous credentials on a standard java card. In: CCS 2009: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 600–610. ACM, New York (2009)Google Scholar
  3. 3.
    Brickell, E., Camenisch, J., Chen, L.: Direct Anonymous Attestation. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, Washington DC, vol.(5), pp. 132–145 (November 2004)Google Scholar
  4. 4.
    Camenisch, J., Van Herreweghen, E.: Design and implementation of the idemix anonymous credential system. In: CCS 2002: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 21–30. ACM, New York (2002)Google Scholar
  5. 5.
    Chen, L., Page, D., Smart, N.P.: On the Design and Implementation of an Efficient DAA Scheme. Cryptology ePrint Archive, Report 2009/598 (2009), http://eprint.iacr.org/
  6. 6.
    Dietrich, K.: An Integrated Architecture for Trusted Computing for Java Enabled Embedded Devices. In: STC 2007, pp. 2–6. ACM, New York (2007)Google Scholar
  7. 7.
    Dietrich, K.: Anonymous Credentials for Java Enabled Platforms: A Performance Evaluation. In: Chen, L., Yung, M. (eds.) INTRUST 2009. LNCS, vol. 6163, pp. 88–103. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  8. 8.
    Dietrich, K.: Anonymous client authentication for transport layer security. In: De Decker, B., Schaumüller-Bichl, I. (eds.) CMS 2010. LNCS, vol. 6109, pp. 268–280. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  9. 9.
    Dietrich, K., Winter, J.: Implementation Aspects of Mobile and Embedded Trusted Computing. In: Chen, L., Mitchell, C.J., Martin, A. (eds.) Trust 2009. LNCS, vol. 5471, pp. 29–44. Springer, Heidelberg (2009), http://dblp.uni-trier.de/db/conf/trust/trust2009.html#DietrichW09 CrossRefGoogle Scholar
  10. 10.
    Mitchell, C.: Direct Anonymous Attestation in Context. In: Trusted Computing (Professional Applications of Computing), pp. 143–174. IEEE Press, Piscataway (2005)CrossRefGoogle Scholar
  11. 11.
    Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP (1999)Google Scholar
  12. 12.
    Smyth, B., Ryan, M.D., Chen, L.: Direct Anonymous Attestation (DAA): Ensuring Privacy with Corrupt Administrators. In: Stajano, F., Meadows, C., Capkun, S., Moore, T. (eds.) ESAS 2007. LNCS, vol. 4572, pp. 218–231. Springer, Heidelberg (2007), http://dblp.uni-trier.de/db/conf/esas/esas2007.html#SmythRC07 CrossRefGoogle Scholar
  13. 13.
    Sterckx, M., Gierlichs, B., Preneel, B., Verbauwhede, I.: Efficient Implementation of Anonymous Credentials on Java Card Smart Cards. In: 1st IEEE International Workshop on Information Forensics and Security (WIFS 2009), pp. 106–110. IEEE, London (2009)Google Scholar
  14. 14.
    Trusted Computing Group: TCG Software Stack (TSS) Specification Version 1.2 Level 1, part 1: Commands and Structures (January 6, 2006)Google Scholar
  15. 15.
    Trusted Computing Group: TPM Main Specification Level 2 Version 1.2, Revision 103. Tech. rep., Trusted Computing Group (October 26, 2006)Google Scholar
  16. 16.
    Wachsmann, C., Chen, L., Dietrich, K., Löhr, H., Sadeghi, A.-R., Winter, J.: Lightweight Anonymous Authentication with TLS and DAA for Embedded Mobile Devices. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 84–98. Springer, Heidelberg (2011)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2011

Authors and Affiliations

  • Kurt Dietrich
    • 1
  • Johannes Winter
    • 1
  • Granit Luzhnica
    • 1
  • Siegfried Podesser
    • 1
  1. 1.Institute for Applied Information Processing and CommunicationsGraz, University of TechnologyGrazAustria

Personalised recommendations