Privacy Enhancements for Hardware-Based Security Modules

  • Vijayakrishnan Pasupathinathan
  • Josef Pieprzyk
  • Huaxiong Wang
Part of the Communications in Computer and Information Science book series (CCIS, volume 130)


The increasing use of Hardware Security Modules (HSMs) for identification and authentication of security endpoints has raised numerous privacy and security concerns. HSMs can tie a system or an object, together with its users, to the physical world; however, the same binding enables tracking of the user and/or the object associated with the HSM. Current systems do not adequately address these privacy needs and are therefore susceptible to various attacks.

In this work, we analyse the security and privacy concerns that arise when deploying such hardware security modules and propose a system that allows users to create pseudonyms from a trusted master public-secret key pair. The proposed system is based on the intractability of factoring and of finding square roots of a quadratic residue modulo a composite number that is the product of two large primes. Along with the standard notion of protecting a user's privacy, the proposed system offers colligation between seemingly independent pseudonyms. When combined with HSMs that store the master secret key, this new property is extremely beneficial to a user, as it offers a convenient way to generate a large number of pseudonyms with relatively small storage requirements.
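The abstract rests on a standard fact: extracting square roots modulo N = pq is as hard as factoring N, and whoever holds the factors can extract every root. The following Python sketch is added here to illustrate that relationship; it is not the paper's construction. The per-index derivation pseudonym_i = (s · H(i))^2 mod N, the function names and the toy primes are assumptions made for the example. It shows that the holder of the factors recovers all four square roots of a pseudonym, and that any two roots which are not negatives of each other reveal a factor of N, which is why the factors of the modulus must never leave the trusted party (or the HSM) that generated them.

```python
from hashlib import sha256
from math import gcd

# Constructed toy parameters: two Blum primes (p, q ≡ 3 mod 4) so that a square
# root modulo each prime is a single exponentiation. Real deployments use primes
# of at least 1024 bits; these are small only to keep the example readable.
P, Q = 10007, 10039
N = P * Q


def blinded_root(master_secret: int, index: int, n: int = N) -> int:
    """Hypothetical per-index root r_i = s * H(i) mod n (an assumption for this
    example, not the paper's derivation). Only the master secret s is stored."""
    h = int.from_bytes(sha256(index.to_bytes(4, "big")).digest(), "big") % n
    return (master_secret * h) % n


def derive_pseudonym(master_secret: int, index: int, n: int = N) -> int:
    """pseudonym_i = r_i^2 mod n: a quadratic residue whose root is known only
    to the holder of the master secret (or to whoever can factor n)."""
    return pow(blinded_root(master_secret, index, n), 2, n)


def sqrt_mod_blum_prime(a: int, p: int) -> int:
    """Square root of a quadratic residue a modulo a prime p ≡ 3 (mod 4)."""
    return pow(a, (p + 1) // 4, p)


def square_roots_mod_n(y: int, p: int, q: int) -> set:
    """All four square roots of a quadratic residue y modulo n = p*q, combined
    with the Chinese Remainder Theorem. This requires the factorisation of n."""
    n = p * q
    rp = sqrt_mod_blum_prime(y % p, p)
    rq = sqrt_mod_blum_prime(y % q, q)
    inv_q_mod_p = pow(q, -1, p)
    inv_p_mod_q = pow(p, -1, q)
    roots = set()
    for sp in (rp, (p - rp) % p):
        for sq in (rq, (q - rq) % q):
            roots.add((sp * q * inv_q_mod_p + sq * p * inv_p_mod_q) % n)
    return roots


def factor_from_roots(x1: int, x2: int, n: int):
    """If x1^2 ≡ x2^2 (mod n) but x1 ≢ ±x2, then gcd(x1 - x2, n) is a proper
    factor of n. This is the reduction from factoring to root extraction."""
    if x1 % n == x2 % n or x1 % n == (-x2) % n:
        return None
    f = gcd(x1 - x2, n)
    return f if 1 < f < n else None


if __name__ == "__main__":
    s = 123456                       # constructed master secret
    y = derive_pseudonym(s, 1)
    roots = square_roots_mod_n(y, P, Q)
    print("pseudonym:", y, "roots known to the factor holder:", sorted(roots))
    r = blinded_root(s, 1)
    other = next(x for x in roots if x not in (r, (-r) % N))
    print("factor recovered from two independent roots:", factor_from_roots(r, other, N))
```

The storage property from the abstract is visible in `blinded_root`: the user keeps only the master secret and regenerates any pseudonym from its index, while a verifier who sees only the squares cannot relate them without the factors.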


Keywords: Pseudonyms, Anonymity, Hardware-based security





Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Vijayakrishnan Pasupathinathan (1)
  • Josef Pieprzyk (1)
  • Huaxiong Wang (2)
  1. Centre for Advanced Computing, Algorithms and Cryptography, Department of Computing, Macquarie University, Sydney, Australia
  2. Division of Mathematical Sciences, Nanyang Technological University, Singapore
