Direct anonymous attestation

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Direct anonymous attestation

Full text

Pdf (315 KB)

Source

Conference on Computer and Communications Security archive
Proceedings of the 11th ACM conference on Computer and communications security table of contents

Washington DC, USA

SESSION: Credentials table of contents

Pages: 132 - 145

Year of Publication: 2004

ISBN:1-58113-961-6

Authors

Ernie Brickell	Intel Corporation
Jan Camenisch	IBM Research
Liqun Chen	HP Laboratories

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM: Association for Computing Machinery

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 35, Downloads (12 Months): 184, Citation Count: 17

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTex EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1030083.1030103 What is a DOI?

ABSTRACT

This paper describes the direct anonymous attestation scheme (DAA). This scheme was adopted by the Trusted Computing Group (TCG) as the method for remote authentication of a hardware module, called Trusted Platform Module (TPM), while preserving the privacy of the user of the platform that contains the module. DAA can be seen as a group signature without the feature that a signature can be opened, i.e., the anonymity is not revocable. Moreover, DAA allows for pseudonyms, i.e., for each signature a user (in agreement with the recipient of the signature) can decide whether or not the signature should be linkable to another signature. DAA furthermore allows for detection of "known" keys: if the DAA secret keys are extracted from a TPM and published, a verifier can detect that a signature was produced using these secret keys. The scheme is provably secure in the random oracle model under the strong RSA and the decisional Diffie-Hellman assumption.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Giuseppe Ateniese , Jan Camenisch , Marc Joye , Gene Tsudik, A Practical and Provably Secure Coalition-Resistant Group Signature Scheme, Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology, p.255-270, August 20-24, 2000
	2	M. Bellare, J. A. Garay, and T. Rabin. Fast batch verification for modular exponentiation and digital signatures. In K. Nyberg, editor, Advances in Cryptology --- EUROCRYPT '98, volume 1403 of LNCS, pages 236--250. Springer Verlag, 1998.
	3	D. Boneh, E. Brickell, L. Chen, and H. Shacham. Set signatures. Manuscript, 2003.
	4	F. Boudot. Efficient proofs that a committed number lies in an interval. In B. Preneel, editor, Advances in Cryptology --- EUROCRYPT 2000, volume 1807 of LNCS, pages 431--444. Springer Verlag, 2000.
	5	E. Brickell. An efficient protocol for anonymously providing assurance of the container of a private key. Submitted to the Trusted Computing Group, Apr. 2003.
	6	Ernest F. Brickell , David Chaum , Ivan Damgård , Jeroen van de Graaf, Gradual and Verifiable Release of a Secret, A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology, p.156-166, August 16-20, 1987
	7	Jan Camenisch , Anna Lysyanskaya, An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation, Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology, p.93-118, May 06-10, 2001
	8	Jan Camenisch , Anna Lysyanskaya, Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials, Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology, p.61-76, August 18-22, 2002
	9	J. Camenisch and A. Lysyanskaya. A signature scheme with efficient protocols. In S. Cimato, C. Galdi, and G. Persiano, editors, Security in Communication Networks, Third International Conference, SCN 2002, volume 2576 of LNCS, pages 268--289. Springer Verlag, 2003.
	10	Jan Camenisch , Markus Michels, A Group Signature Scheme with Improved Efficiency, Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology, p.160-174, October 18-22, 1998
	11	J. Camenisch and M. Michels. Proving in zero-knowledge that a number $n$ is the product of two safe primes. In J. Stern, editor, Advances in Cryptology --- EUROCRYPT '99, volume 1592 of LNCS, pages 107--122. Springer Verlag, 1999.
	12	Jan Camenisch , Markus Michels, Separability and Efficiency for Generic Group Signature Schemes, Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, p.413-430, August 15-19, 1999
	13	J. Camenisch and V. Shoup. Practical verifiable encryption and decryption of discrete logarithms. In D. Boneh, editor, Advances in Cryptology --- CRYPTO 2003, volume 2729 of LNCS, pages 126--144, 2003.
	14	Jan Camenisch , Markus Stadler, Efficient Group Signature Schemes for Large Groups (Extended Abstract), Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology, p.410-424, August 17-21, 1997
	15	R. Canetti. Studies in Secure Multiparty Computation and Applications. PhD thesis, Weizmann Institute of Science, Rehovot 76100, Israel, June 1995.
	16	R. Canetti. Security and composition of multi-party cryptographic protocols. Journal of Cryptology, 13(1):143--202, 2000.
	17	D. Chaum. Blind signatures for untraceable payments. In D. Chaum, R. L. Rivest, and A. T. Sherman, editors, Advances in Cryptology --- Proceedings of CRYPTO '82, pages 199--203. Plenum Press, 1983.
	18	David Chaum, Security without identification: transaction systems to make big brother obsolete, Communications of the ACM, v.28 n.10, p.1030-1044, Oct. 1985 [doi>10.1145/4372.4373]
	19	David Chaum, Zero-knowledge undeniable signatures (extended abstract), Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology, p.458-464, February 1991, Aarhus, Denmark
	20	D. Chaum, J.-H. Evertse, and J. van de Graaf. An improved protocol for demonstrating possession of discrete logarithms and some generalizations. In D. Chaum and W. L. Price, editors, Advances in Cryptology ---EUROCRYPT '87, volume 304 of LNCS, pages 127--141. Springer-Verlag, 1988.
	21	David Chaum , Torben P. Pedersen, Wallet Databases with Observers, Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology, p.89-105, August 16-20, 1992
	22	D. Chaum and E. van Heyst. Group signatures. In D. W. Davies, editor, Advances in Cryptology --- EUROCRYPT '91, volume 547 of LNCS, pages 257--265. Springer-Verlag, 1991.
	23	Ronald Cramer , Victor Shoup, Signature schemes based on the strong RSA assumption, ACM Transactions on Information and System Security (TISSEC), v.3 n.3, p.161-185, Aug. 2000 [doi>10.1145/357830.357847]
	24	Ivan Damgård , Maciej Koprowski, Practical Threshold RSA Signatures without a Trusted Dealer, Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology, p.152-165, May 06-10, 2001
	25	Amos Fiat , Adi Shamir, How to prove yourself: practical solutions to identification and signature problems, Proceedings on Advances in cryptology---CRYPTO '86, p.186-194, January 1987, Santa Barbara, California, United States
	26	Eiichiro Fujisaki , Tatsuaki Okamoto, Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations, Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology, p.16-30, August 17-21, 1997
	27	R. Gennaro, S. Halevi, and T. Rabin. Secure hash-and-sign signatures without the random oracle. In J. Stern, editor, Advances in Cryptology --- EUROCRYPT '99, volume 1592 of LNCS, pages 123--139. Springer Verlag, 1999.
	28	Shafi Goldwasser , Silvio Micali , Ronald L. Rivest, A digital signature scheme secure against adaptive chosen-message attacks, SIAM Journal on Computing, v.17 n.2, p.281-308, April 1988 [doi>10.1137/0217017]
	29	Joe Kilian , Erez Petrank, Identity Escrow, Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology, p.169-185, August 23-27, 1998
	30	A. K. Lenstra and E. K. Verheul. Selecting cryptographic key sizes. Journal of Cryptology, 14(4):255--293, 2001.
	31	Anna A. Lysyanskaya , Ronald L. Rivest, Signature schemes and applications to cryptographic protocol design, 2002
	32	Birgit Pfitzmann , Michael Waidner, Composition and integrity preservation of secure reactive systems, Proceedings of the 7th ACM conference on Computer and communications security, p.245-254, November 01-04, 2000, Athens, Greece [doi>10.1145/352600.352639]
	33	Birgit Pfitzmann , Michael Waidner, A Model for Asynchronous Reactive Systems and its Application to Secure Message Transmission, Proceedings of the 2001 IEEE Symposium on Security and Privacy, p.184, May 14-16, 2001
	34	D. Pointcheval and J. Stern. Security proofs for signature schemes. In U. Maurer, editor, Advances in Cryptology --- EUROCRYPT '96, volume 1070 of LNCS, pages 387--398. Springer Verlag, 1996.
	35	Trusted Computing Group. Trusted computing platform alliance (TCPA) main specification, version 1.1a. Republished as Trusted Computing Group (TCG) main specifcation, Version 1.1b, Available at www.trustedcomputinggroup.org, 2001.
	36	Trusted Computing Group. TCG TPM specification 1.2. Available at www.trustedcomputinggroup.org, 2003.
	37	Trusted Computing Group website. www.trustedcomputinggroup.org.

CITED BY 17

	Leonardo A. Martucci , Markulf Kohlweiss , Christer Andersson , Andriy Panchenko, Self-certified Sybil-free pseudonyms, Proceedings of the first ACM conference on Wireless network security, March 31-April 02, 2008, Alexandria, VA, USA
	Jan Camenisch , Dieter Sommer , Roger Zimmermann, Securing user inputs for the web, Proceedings of the second ACM workshop on Digital identity management, November 03-03, 2006, Alexandria, Virginia, USA
	Dries Schellekens , Brecht Wyseur , Bart Preneel, Remote Attestation on Legacy Operating Systems With Trusted Platform Modules, Electronic Notes in Theoretical Computer Science (ENTCS), v.197 n.1, p.59-72, February, 2008
	Reihaneh Safavi-Naini , Shuhong Wang , Yvo Desmedt, Unconditionally secure ring authentication, Proceedings of the 2nd ACM symposium on Information, computer and communications security, March 20-22, 2007, Singapore
	Daniel J. T. Chong , Robert H. Deng, Privacy-enhanced superdistribution of layered content with trusted access control, Proceedings of the ACM workshop on Digital rights management, October 30-30, 2006, Alexandria, Virginia, USA
	Luis F. G. Sarmenta , Marten van Dijk , Charles W. O'Donnell , Jonathan Rhodes , Srinivas Devadas, Virtual monotonic counters and count-limited objects using a TPM without a trusted OS, Proceedings of the first ACM workshop on Scalable trusted computing, November 03-03, 2006, Alexandria, Virginia, USA
	Patrick Traynor , Michael Chien , Scott Weaver , Boniface Hicks , Patrick McDaniel, Noninvasive Methods for Host Certification, ACM Transactions on Information and System Security (TISSEC), v.11 n.3, p.1-23, March 2008
	Jonathan M. McCune , Adrian Perrig , Arvind Seshadri , Leendert van Doorn, Turtles all the way down: research challenges in user-based attestation, Proceedings of the 2nd USENIX workshop on Hot topics in security, p.1-5, August 07, 2007, Boston, MA
	Liqun Chen , Rainer Landfermann , Hans Löhr , Markus Rohe , Ahmad-Reza Sadeghi , Christian Stüble, A protocol for property-based attestation, Proceedings of the first ACM workshop on Scalable trusted computing, November 03-03, 2006, Alexandria, Virginia, USA
	Abhilasha Bhargav-Spantzel , Jan Camenisch , Thomas Gross , Dieter Sommer, User centricity: a taxonomy and open issues, Proceedings of the second ACM workshop on Digital identity management, November 03-03, 2006, Alexandria, Virginia, USA
	Ernie Brickell , Jiangtao Li, Enhanced privacy id: a direct anonymous attestation scheme with enhanced revocation capabilities, Proceedings of the 2007 ACM workshop on Privacy in electronic society, October 29-29, 2007, Alexandria, Virginia, USA
	Sébastien Canard , Berry Schoenmakers , Martijn Stam , Jacques Traoré, List signature schemes, Discrete Applied Mathematics, v.154 n.2, p.189-201, 1 February 2006
	Giorgio Calandriello , Panos Papadimitratos , Jean-Pierre Hubaux , Antonio Lioy, Efficient and robust pseudonymous authentication in VANET, Proceedings of the fourth ACM international workshop on Vehicular ad hoc networks, September 10-10, 2007, Montreal, Quebec, Canada
	Ravi Sandhu , Xinwen Zhang, Peer-to-peer access control architecture using trusted computing technology, Proceedings of the tenth ACM symposium on Access control models and technologies, June 01-03, 2005, Stockholm, Sweden
	Vivek Haldar , Michael Franz, Symmetric behavior-based trust: a new paradigm for internet computing, Proceedings of the 2004 workshop on New security paradigms, September 20-23, 2004, Nova Scotia, Canada
	Joerg Abendroth , Jean-Marc Seigneur, Deploying the trusted platform module (TPM) to increased fairness and trust in P2P file sharing servents, Proceedings of the 5th WSEAS International Conference on Information Security and Privacy, p.202-207, November 20-22, 2006, Venice, Italy
	Paul C. van Oorschot , Anil Somayaji , Glenn Wurster, Hardware-Assisted Circumvention of Self-Hashing Software Tamper Resistance, IEEE Transactions on Dependable and Secure Computing, v.2 n.2, p.82-92, April 2005