DAA-Related APIs in TPM 2.0 Revisited

  • Conference paper
Trust and Trustworthy Computing (Trust 2014)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 8564)

Abstract

In TPM 2.0, a single signature primitive is proposed to support various signature schemes, including Direct Anonymous Attestation (DAA), U-Prove and Schnorr signatures. This signature primitive is implemented by several APIs which can be utilized as a static Diffie-Hellman (SDH) oracle. In this paper, we measure the practical impact of the SDH oracle in TPM 2.0 and show that the security strength of these signature schemes can be weakened by 13 bits. We propose a novel property of DAA called forward anonymity and show how to utilize these DAA-related APIs to break forward anonymity. Then we propose new APIs which not only remove the SDH oracle but also support forward anonymity, thus significantly improving the security of DAA and the other signature schemes supported by TPM 2.0. We prove the security of our new APIs under the discrete logarithm assumption in the random oracle model. We prove that the proposed DAA schemes satisfy the forward anonymity property using the new APIs under the Decision Diffie-Hellman assumption. Our new APIs are almost as efficient as the original APIs in the TPM 2.0 specification and can support LRSW-DAA and SDH-DAA together with U-Prove, as the original APIs do.



Copyright information

© 2014 Springer International Publishing Switzerland

Cite this paper

Xi, L., Yang, K., Zhang, Z., Feng, D. (2014). DAA-Related APIs in TPM 2.0 Revisited. In: Holz, T., Ioannidis, S. (eds) Trust and Trustworthy Computing. Trust 2014. Lecture Notes in Computer Science, vol 8564. Springer, Cham. https://doi.org/10.1007/978-3-319-08593-7_1

  • DOI: https://doi.org/10.1007/978-3-319-08593-7_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-08592-0

  • Online ISBN: 978-3-319-08593-7

  • eBook Packages: Computer Science, Computer Science (R0)
