4 research outputs found
A DAA Scheme Requiring Less TPM Resources
Direct anonymous attestation (DAA) is a special digital signature
primitive, which provides a balance between signer authentication
and privacy. One of the most interesting properties that makes this
primitive attractive in practice is its construction of signers. The
signer role of DAA is split between two entities, a principal signer
(a trusted platform module (TPM)) with limited computational
capability and an assistant signer (a computer platform into which
the TPM is embedded) with more computational power but less security
tolerance. Our first contribution in this paper is a new DAA scheme
that requires very few TPM resources. In fact the TPM has only
to perform two exponentiations for the DAA Join algorithm and three
exponentiations for the DAA Signing algorithm. We show that
this new scheme has better performance than the
existing DAA schemes and is provable secure based on the -SDH
problem and DDH problem under the random oracle model. Our second
contribution is a modification of the DAA game-based security model to cover the property of non-frameability
Covert identity information in direct anonymous attestation (DAA)
Direct anonymous attestation (DAA) is a practical and efficient protocol for authenticated attestation with satisfaction of strong privacy requirements. This recently developed protocol is already adopted by the Trusted Computing Group and included in the standardized trusted platform module TPM. This paper shows that the main privacy goal of DAA can be violated by the inclusion of covert identity information. This problem is very relevant, as the privacy attack is both efficient and very difficult to detect
Attestation in Trusted Computing: Challenges and Potential Solutions
This report examines the state of play in TCG attestation. It asks the question: how practical is the attestation specification and does it meet the needs of designs that propose to take advantage of trusted computing functionality? It is shown that, broadly speaking, both specification and implementation falls short of its stated goals. Application designs expect different semantics. Straightforward application of attestation to a running system does not provide adequate assurance nor does it scale. It is argued that extending the TCG architecture and reworking application designs are the most viable routes to making attestation a practical proposition