A Novel Direct Anonymous Attestation Scheme
Using Secure Two-Party Computation
Xiaohan Yue 1 and Fucai Zhou 2
1 College of information science and engineering, Shenyang University of Technology
Shenyang, China
xhyuer@gmail.com
2 College of information science and engineering, Northeastern University
Shenyang, China
fczhou@mail.neu.edu.cn
Abstract. Direct Anonymous Attestation (DAA) is a cryptographic scheme
which enables the remote authentication of a trusted platform whilst preserving
privacy under the user's control. Because the trusted platform module (TPM)
has limited computational and storage capability, in this paper we propose a
novel approach for constructing an efficient DAA scheme: we design a secure
two-party computation protocol for the Join/Issue protocol of DAA, and
construct the DAA scheme concretely under the q-SDH assumption and the XDH
assumption. Based on the DAA security model, we prove that our DAA scheme
meets user-controlled anonymity and user-controlled traceability in the
random oracle model. Finally, compared with other existing DAA schemes, our
DAA scheme has better performance.
Keywords: Trusted Computing, direct anonymous attestation, secure two-party
computation, security proof.
1 Introduction
Trusted Computing [1] is a hardware-based security guarantee mechanism that
allows commodity computers to provide cryptographic assurances about their
behavior. The core of this architecture is a device called the Trusted Platform
Module [2] (TPM). The TPM is a hardware chip embedded in platforms that can
carry out various cryptographic functions. One important function of the TPM is
integrity reporting, and the process of reporting the integrity of a platform is
known as remote attestation. To achieve the goals of remote attestation and
ensure user privacy, the Trusted Computing Group (TCG) has introduced two ways
as follows:
One way to preserve user privacy is to employ a trusted third party to manage the
relationship between a platform's true unique identity and one or more pseudonyms
that can be employed to generate attestations for different purposes. TCG initially
adopted this approach in the TPM specification 1.1 [3], dubbing the trusted third party
a Privacy CA and associating the pseudonyms with Attestation Identity Keys (AIKs).
A TPM's true unique identity is represented by the Endorsement Key (EK) embedded
 