
Simplified security notions of direct anonymous attestation and a concrete scheme from pairings

  • Regular Contribution
International Journal of Information Security

Abstract

Direct Anonymous Attestation (DAA) is a cryptographic mechanism that enables remote authentication of a user while preserving privacy under the user’s control. The DAA scheme developed by Brickell, Camenisch, and Chen has been adopted by the Trusted Computing Group for remote anonymous attestation of the Trusted Platform Module (TPM), a small hardware device with limited storage space and communication capability. In this paper, we provide two contributions to DAA. We first introduce simplified security notions of DAA, including formal definitions of user-controlled anonymity and user-controlled traceability. We then propose a new DAA scheme from elliptic curve cryptography and bilinear maps. The private keys and signatures in our scheme are much shorter than those in the original DAA scheme, with a similar level of security and computational complexity. Our scheme builds upon the Camenisch–Lysyanskaya signature scheme and is efficient and provably secure in the random oracle model under the LRSW (Lysyanskaya, Rivest, Sahai and Wolf) assumption and the decisional Bilinear Diffie–Hellman assumption.



Author information

Correspondence to Liqun Chen.

Cite this article

Brickell, E., Chen, L. & Li, J. Simplified security notions of direct anonymous attestation and a concrete scheme from pairings. Int. J. Inf. Secur. 8, 315–330 (2009). https://doi.org/10.1007/s10207-009-0076-3
