One TPM to Bind Them All: Fixing TPM 2.0 for Provably Secure Anonymous Attestation

The Trusted Platform Module (TPM) is an international standard for a security chip that can be used to manage cryptographic keys and to perform remote attestation. The specification of the most recent TPM 2.0 interfaces for direct anonymous attestation (DAA) unfortunately has a number of severe shortcomings. First, they do not allow for security proofs (indeed, the published proofs are incorrect). Second, they provide a Diffie-Hellman oracle with respect to the secret key of the TPM, which weakens security and prevents forward anonymity of attestations. Fixes to these problems have been proposed, but they create new issues: they enable a fraudulent TPM to encode information into an attestation signature, which could be used to break anonymity or to leak the secret key. Furthermore, all proposed ways to remove the Diffie-Hellman oracle either strongly limit the functionality of the TPM or would require significant changes to the TPM 2.0 interfaces. In this paper we provide a better specification of the TPM 2.0 interfaces that addresses these problems and requires only minimal changes to the current TPM 2.0 commands. We then show how to use the revised interfaces to build q-SDH- and LRSW-based anonymous attestation schemes, and prove their security. We finally discuss how to obtain other schemes addressing different use cases such as key-binding for U-Prove and e-cash.
