Abstract
Direct anonymous attestation (DAA) is a mechanism for a remote user to provide a verifier with some assurance it is using software and/or hardware from trusted sets of software and/or hardware respectively. In addition, the user is able to control if and when a verifier is able to link two signatures: to determine whether or not they were produced by the same platform. The verifier is never able to tell which which particular platform produced a given signature or pair of signatures.
We first address a problem with the proof of security for the original DAA scheme of Brickell, Camenisch and Chen. In particular, we construct an adversary that can tell if its in a simulation or not. We then provide the necessary changes to the simulator such that the adversary can no longer do this and prove this fact, hence repairing the proof.
Our main contribution is a security analysis of the Chen, Morrissey and Smart (CMS) DAA scheme. This scheme uses asymmetric bilinear pairings and was proposed without a proof of security. We use the well established simulation based security model of Brickell, Camenisch and Chen and also use a similar proof technique to theirs. We prove the CMS scheme is secure in the random oracle model relative to the bilinear Lysyanskaya, Rivest, Sahai and Wolf (LRSW) assumption, the hardness of discrete logarithms in the groups used and collision resistance of the hash functions used in the scheme.
The second and third author would like to thank EPSRC, eCrypt and HP Labs for partially supporting the work in this paper.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Backes, M., Maffei, M., Unruh, D.: Zero Knowledge in the Applied Pi–Calculus and Automated Verification of the Direct Anonymous Attestation Protocol. Cryptology ePrint Archive. Report 2007/289 (2007), http://eprint.iacr.org/2007/289
Balfe, S., Lakhani, A.D., Paterson, K.G.: Securing Peer-to-Peer Networks using Trusted Computing. In: Mitchell, C. (ed.) Trusted Computing, ch. 10, pp. 271–298. IEEE Computer Society Press, Los Alamitos (2005)
Brickell, E., Camenisch, J., Chen, L.: Direct Anonymous Attestation. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 132–145. ACM Press, New York (2004)
Brickell, E., Chen, L., Li, J.: Simplified Security Notions for Direct Anonymous Attestation and a Concrete Scheme from Pairings. Cryptology ePrint Archive. Report 2008/104 (2008), http://eprint.iacr.org/2008/104
Brickell, E., Chen, L., Li, J.: A New Direct Anonymous Attestation Scheme from Bilinear Maps. In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) Trust 2008. LNCS, vol. 4968, pp. 166–178. Springer, Heidelberg (2008)
Camenisch, J., Groth, J.: Group Signatures: Better efficiency and new Theoretical Aspects. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 122–135. Springer, Heidelberg (2005)
Camenisch, J., Lysyanskaya, A.: A Signature Scheme with Efficient Protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)
Camenisch, J., Lysyanskaya, A.: Signature Schemes and Anonymous Credentials from Bilinear Maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)
Chen, L., Morrissey, P., Smart, N.P.: Pairings in Trusted Computing. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 1–17. Springer, Heidelberg (2008)
Ge, H., Tate, S.R.: A Direct Anonymous Attestation Scheme for Embedded Devices. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, Springer, Heidelberg (2007)
Leung, A., Mitchell, C.J.: Ninja: Non-Identity Based, Privacy Preserving Authentication for Ubiquitous Environments. In: Krumm, J., Abowd, G.D., Seneviratne, A., Strang, T. (eds.) UbiComp 2007. LNCS, vol. 4717, pp. 73–90. Springer, Heidelberg (2007)
Smyth, B., Chen, L., Ryan, M.: Direct Anonymous Attestation (DAA): Ensuring Privacy with Corrupt Administrators. In: Stajano, F., Meadows, C., Capkun, S., Moore, T. (eds.) ESAS 2007. LNCS, vol. 4572, pp. 218–231. Springer, Heidelberg (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chen, L., Morrissey, P., Smart, N.P. (2008). On Proofs of Security for DAA Schemes. In: Baek, J., Bao, F., Chen, K., Lai, X. (eds) Provable Security. ProvSec 2008. Lecture Notes in Computer Science, vol 5324. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88733-1_11
Download citation
DOI: https://doi.org/10.1007/978-3-540-88733-1_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88732-4
Online ISBN: 978-3-540-88733-1
eBook Packages: Computer ScienceComputer Science (R0)