Direct Anonymous Attestation in practice: Implementation and efficient revocation

Direct Anonymous Attestation (DAA) is a signature scheme that provides a balance between user privacy and authentication in a reasonable way. The first RSA-based DAA is proposed in 2004, since then several ECC-based DAA schemes are proposed to achieve better performance. To analyze DAA schemes from a practical point of view, it is necessary to consider implementation-related issues, such as elliptic curve selection and runtime performance. We present a framework for implementing and evaluating various DAA schemes for multiple computing platforms. We implement four DAA schemes using different elliptic curves and show detailed performance evaluation for both PC and mobile device. We analyze the impact of elliptic selections on the performance of DAA schemes and propose practical techniques such as pre-computation to improve the performance of DAA schemes. We also discuss revocation of DAA and present a novel technique which significantly reduces the time of privacy-enhanced signature revocation, thus making privacy-enhanced revocation practical even for embedded mobile devices.

[1]  Xiaofeng Chen,et al.  A New Direct Anonymous Attestation Scheme from Bilinear Maps , 2008, 2008 The 9th International Conference for Young Computer Scientists.

[2]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[3]  Ge Wei,et al.  TEEM: A User-Oriented Trusted Mobile Device for Multi-platform Security Applications , 2013, TRUST.

[4]  Johannes Winter,et al.  Trusted computing building blocks for embedded linux-based ARM trustzone platforms , 2008, STC '08.

[5]  P. Cochat,et al.  Et al , 2008, Archives de pediatrie : organe officiel de la Societe francaise de pediatrie.

[6]  Jan Camenisch,et al.  Signature Schemes and Anonymous Credentials from Bilinear Maps , 2004, CRYPTO.

[7]  Jiangtao Li,et al.  A Pairing-Based DAA Scheme Further Reducing TPM Resources , 2010, TRUST.

[8]  Jiangtao Li,et al.  Revocation of Direct Anonymous Attestation , 2010, INTRUST.

[9]  Liqun Chen,et al.  On the Design and Implementation of an Efficient DAA Scheme , 2010, IACR Cryptol. ePrint Arch..

[10]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[11]  G. G. Stokes "J." , 1890, The New Yale Book of Quotations.

[12]  Jiangtao Li,et al.  Simplified security notions of direct anonymous attestation and a concrete scheme from pairings , 2009, International Journal of Information Security.

[13]  N. Asokan,et al.  On-board credentials with open provisioning , 2009, ASIACCS '09.

[14]  Stephen R. Tate,et al.  A Direct Anonymous Attestation Scheme for Embedded Devices , 2007, Public Key Cryptography.

[15]  Xiaofeng Chen,et al.  Direct Anonymous Attestation for Next Generation TPM , 2008, J. Comput..

[16]  Liqun Chen,et al.  A DAA Scheme Requiring Less TPM Resources , 2009, Inscrypt.

[17]  Ernest F. Brickell,et al.  Direct anonymous attestation , 2004, CCS '04.

[18]  Jiangtao Li,et al.  Enhanced Privacy ID: A Direct Anonymous Attestation Scheme with Enhanced Revocation Capabilities , 2007, IEEE Transactions on Dependable and Secure Computing.

[19]  Liqun Chen,et al.  Lightweight Anonymous Authentication with TLS and DAA for Embedded Mobile Devices , 2010, ISC.

[20]  Jiangtao Li,et al.  Flexible and scalable digital signatures in TPM 2.0 , 2013, CCS.