Abstract
The trusted computing group (TCG) specified two protocols that allow a trusted hardware device to remotely convince a communication partner that it is indeed a trusted hardware device. In turn, This enables two communication partners to establish that the other end is a secure computing platform and hence it is safe exchange data. Both these remote identification protocols provide some degree of privacy to users of the platforms. That is, the communication partners can only establish that the other end uses some trusted hardware device but not which particular one. The first protocol achieves this property by involving trusted third party called Privacy CA in each transaction. This party must be fully trusted by all other parties. In practice, however, this is a strong requirement that is hard to fulfill. Therefore, TCG proposed a second protocol called direct anonymous attestation that overcomes this drawback using techniques known from group signature schemes. However, it offers less privacy than the one involving the Privacy CA. The reason for this is that the protocol needs to allow the verifier to detect rogue hardware devices while before this detection was done by the Privacy CA. In this paper we show how to extend the direct anonymous attestation protocols such that if offers the same degree of privacy as the first solution but still allows the verifier to rogue devices.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Ateniese, G., Camenisch, J., Joye, M., Tsudik, G.: A practical and provably secure coalition-resistant group signature scheme. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 255–270. Springer, Heidelberg (2000)
Bellare, M., Garay, J.A., Rabin, T.: Fast batch verification for modular exponentiation and digital signatures. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 236–250. Springer, Heidelberg (1998)
Boneh, D., Boyen, X., Shacham, H.: Short group signatures using strong Diffie Hellman. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004)
Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. Technical Report Research Report RZ 3450, IBM Research Division (March 2004)
Camenisch, J., Lysyanskaya, A.: Efficient non-transferable anonymous multishow credential system with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)
Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)
Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)
Camenisch, J., Stadler, M.: Efficient group signature schemes for large groups. In: Sommer, G., Daniilidis, K., Pauli, J. (eds.) CAIP 1997. LNCS, vol. 1296, pp. 410–424. Springer, Heidelberg (1997)
Chaum, D.: Blind signatures for untraceable payments. In: CRYPTO 1982, pp. 199–203. Plenum Press, New York (1983)
Chaum, D.: Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM 28(10), 1030–1044 (1985)
Chaum, D., van Heyst, E.: Group signatures. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 257–265. Springer, Heidelberg (1991)
Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)
Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing 17(2), 281–308 (1988)
Kilian, J., Petrank, E.: Identity escrow. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 169–185. Springer, Heidelberg (1998)
Lenstra, A.K., Verheul, E.K.: Selecting cryptographic key sizes. Journal of Cryptology 14(4), 255–293 (2001)
Pointcheval, D., Stern, J.: Security proofs for signature schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)
Trusted Computing Group. Trusted Computing Group (TCG) main specifcation, Version 1.1b (2001), Available at www.trustedcomputinggroup.org
Trusted Computing Group. TCG TPM specification 1.2 (2003), Available at www.trustedcomputinggroup.org
Trusted Computing Group website, http://www.trustedcomputinggroup.org
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Camenisch, J. (2004). Better Privacy for Trusted Computing Platforms. In: Samarati, P., Ryan, P., Gollmann, D., Molva, R. (eds) Computer Security – ESORICS 2004. ESORICS 2004. Lecture Notes in Computer Science, vol 3193. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30108-0_5
Download citation
DOI: https://doi.org/10.1007/978-3-540-30108-0_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22987-2
Online ISBN: 978-3-540-30108-0
eBook Packages: Springer Book Archive