Skip to main content
SpringerLink
Log in

A Static Diffie-Hellman Attack on Several Direct Anonymous Attestation Schemes

  • Conference paper
Trusted Systems (INTRUST 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7711))

Included in the following conference series:

Abstract

Direct Anonymous Attestation (DAA) is an anonymous signature scheme designed for anonymous attestation of a Trusted Platform Module (TPM) while preserving the privacy of the device owner. In 2004, Brickell, Camenisch, and Chen provided the first DAA scheme based on the strong RSA assumption and decisional Diffie-Hellman assumption. This scheme was adopted by the Trusted Computing Group in the TPM 1.2 Specification and has been implemented in hundreds of millions of computer platforms. Since then, multiple DAA schemes have been developed, many of which are based on bilinear maps. In this paper, we discover that in a large number of DAA schemes, including the original one adopted in TPM 1.2, a malicious user can treat a TPM as a static Diffie-Hellman (DH) oracle, therefore security of these schemes are based on the hardness of the static DH problem. However, this security feature has not been analyzed in the security proofs of most of these schemes. Brown and Gallant showed that one can break the Static DH problem in a group of order ρ with only O(ρ 1/3) oracle queries and O(ρ 1/3) group operations. Our discovery means that the security level of these DAA schemes can be significantly weaken, only roughly 2/3 of the claimed security level. We discuss the impact of our discovery and present how to patch the affected DAA schemes to avoid this attack.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 72.00
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. ISO/IEC PAS DIS 11889: Information technology – Security techniques – Trusted platform module

    Google Scholar 

  2. Backes, M., Maffei, M., Unruh, D.: Zero-knowledge in the applied pi-calculus and automated verification of the direct anonymous attestation protocol. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 202–215. IEEE Computer Society (2008)

    Google Scholar 

  3. Barreto, P.S.L.M., Naehrig, M.: Pairing-Friendly Elliptic Curves of Prime Order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  4. Bellare, M., Shi, H., Zhang, C.: Foundations of Group Signatures: The Case of Dynamic Groups. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 136–153. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  5. Boneh, D., Boyen, X., Shacham, H.: Short Group Signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004)

    Google Scholar 

  6. Brickell, E., Camenisch, J., Chen, L.: Direct anonymous attestation. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 132–145. ACM Press (2004)

    Google Scholar 

  7. Brickell, E., Chen, L., Li, J.: A New Direct Anonymous Attestation Scheme from Bilinear Maps. In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) Trust 2008. LNCS, vol. 4968, pp. 166–178. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  8. Brickell, E., Chen, L., Li, J.: Simplified security notions of direct anonymous attestation and a concrete scheme from pairings. International Journal of Information Security 8(5), 315–330 (2009)

    Article  Google Scholar 

  9. Brickell, E., Chen, L., Li, J.: A (Corrected) DAA Scheme Using Batch Proof and Verification. In: Chen, L., Yung, M., Zhu, L. (eds.) INTRUST 2011. LNCS, vol. 7222, pp. 304–337. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  10. Brickell, E., Li, J.: Enhanced Privacy ID: A direct anonymous attestation scheme with enhanced revocation capabilities. In: Proceedings of the 6th ACM Workshop on Privacy in the Electronic Society, pp. 21–30 (October 2007)

    Google Scholar 

  11. Brickell, E., Li, J.: Enhanced Privacy ID from bilinear pairing for hardware authentication and attestation. In: Proceedings of 2nd IEEE International Conference on Information Privacy, Security, Risk and Trust, pp. 768–775 (2010)

    Google Scholar 

  12. Brickell, E., Li, J.: A Pairing-Based DAA Scheme Further Reducing TPM Resources. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol. 6101, pp. 181–195. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  13. Brown, D.R.L., Gallant, R.P.: The static Diffie-Hellman problem. Cryptology ePrint Archive, Report 2004/306 (2004), http://eprint.iacr.org/

  14. Camenisch, J.L., Lysyanskaya, A.: A Signature Scheme with Efficient Protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  15. Camenisch, J.L., Lysyanskaya, A.: Signature Schemes and Anonymous Credentials from Bilinear Maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)

    Google Scholar 

  16. Chaum, D., van Antwerpen, H.: Undeniable Signatures. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 212–216. Springer, Heidelberg (1990)

    Google Scholar 

  17. Chen, L.: A DAA Scheme Requiring Less TPM Resources. In: Bao, F., Yung, M., Lin, D., Jing, J. (eds.) Inscrypt 2009. LNCS, vol. 6151, pp. 350–365. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  18. Chen, L.: A DAA Scheme Using Batch Proof and Verification. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) TRUST 2010. LNCS, vol. 6101, pp. 166–180. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  19. Chen, L., Morrissey, P., Smart, N.P.: Pairings in Trusted Computing. In: Galbraith, S.D., Paterson, K.G. (eds.) Pairing 2008. LNCS, vol. 5209, pp. 1–17. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  20. Chen, L., Morrissey, P., Smart, N.P.: DAA: Fixing the pairing based protocols. Cryptology ePrint Archive, Report 2009/198 (2009), http://eprint.iacr.org/

  21. Chen, L., Page, D., Smart, N.P.: On the Design and Implementation of an Efficient DAA Scheme. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 223–237. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  22. Chen, X., Feng, D.: Direct anonymous attestation for next generation TPM. Journal of Computers 3(12), 43–50 (2008)

    MathSciNet  Google Scholar 

  23. Cheon, J.H.: Security Analysis of the Strong Diffie-Hellman Problem. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 1–11. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  24. El Gamal, T.: A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10–18. Springer, Heidelberg (1985)

    Chapter  Google Scholar 

  25. Ford, W., Kaliski, B.S.: Server-assisted generation of a strong secret from a password. In: Proceedings of the IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp. 176–180 (2000)

    Google Scholar 

  26. Ge, H., Tate, S.R.: A Direct Anonymous Attestation Scheme for Embedded Devices. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 16–30. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  27. Lysyanskaya, A., Rivest, R.L., Sahai, A., Wolf, S.: Pseudonym Systems (Extended Abstract). In: Heys, H.M., Adams, C.M. (eds.) SAC 1999. LNCS, vol. 1758, pp. 184–199. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  28. Menezes, A.J., Oorschot, P.C.V., Vanstone, S.A.: Handbook of Applied Cryptography (revised reprint with updates). CRC Press (1997)

    Google Scholar 

  29. Montgomery, P.L.: A survey of modern integer factorization algorithms. CWI Quarterly 7, 337–366 (1994)

    MathSciNet  MATH  Google Scholar 

  30. Trusted Computing Group. TCG TPM specification 1.2 (2003), http://www.trustedcomputinggroup.org

Download references

Author information

Authors and Affiliations

  1. Intel Corporation, Hillsboro, Oregon, USA

    Ernie Brickell & Jiangtao Li

  2. Hewlett-Packard Laboratories, Bristol, UK

    Liqun Chen

Authors
  1. Ernie Brickell
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Liqun Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jiangtao Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Information Security Group, University of London, Royal Holloway, TW20 0EX, Egham, Surrey, UK

    Chris J. Mitchell  & Allan Tomlinson  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Brickell, E., Chen, L., Li, J. (2012). A Static Diffie-Hellman Attack on Several Direct Anonymous Attestation Schemes. In: Mitchell, C.J., Tomlinson, A. (eds) Trusted Systems. INTRUST 2012. Lecture Notes in Computer Science, vol 7711. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35371-0_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35371-0_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35370-3

  • Online ISBN: 978-3-642-35371-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation