The privacy-CA solution (PCAS) is a protocol designed by the Trusted Computing Group (TCG) as an alternative to the Direct Anonymous Attestation scheme for the anonymous authentication of Trusted Platform Modules (TPMs). The protocol is specified in TPM Specification Version 1.2. In this paper we offer a rigorous security analysis of the protocol. We first design an appropriate security model that captures the level of security offered by PCAS. The model is justified via the expected uses of the protocol in real applications. We then prove, assuming standard security notions for the underlying primitives, that the protocol indeed meets the security notion we design. Our analysis sheds some light on the design of the protocol. Finally, we propose a strengthened protocol that meets a stronger notion of security in which the adversary is allowed to adaptively corrupt TPMs.