Skip to main content

Research Repository

Advanced Search

Anonymous attestation with user-controlled linkability

Bernhard, D.; Fuchsbauer, G.; Ghadafi, E.; Smart, N. P.; Warinschi, B.

Anonymous attestation with user-controlled linkability Thumbnail


Authors

D. Bernhard

G. Fuchsbauer

Essam Ghadafi Essam.Ghadafi@uwe.ac.uk
Senior Lecturer in Computer Science

N. P. Smart

B. Warinschi



Abstract

This paper is motivated by the observation that existing security models for direct anonymous attestation (DAA) have problems to the extent that insecure protocols may be deemed secure when analysed under these models. This is particularly disturbing as DAA is one of the few complex cryptographic protocols resulting from recent theoretical advances actually deployed in real life. Moreover, standardization bodies are currently looking into designing the next generation of such protocols. Our first contribution is to identify issues in existing models for DAA and explain how these errors allow for proving security of insecure protocols. These issues are exhibited in all deployed and proposed DAA protocols (although they can often be easily fixed). Our second contribution is a new security model for a class of "pre-DAA scheme", that is, DAA schemes where the computation on the user side takes place entirely on the trusted platform. Our model captures more accurately than any previous model the security properties demanded from DAA by the trusted computing group (TCG), the group that maintains the DAA standard. Extending the model from pre-DAA to full DAA is only a matter of refining the trust models on the parties involved. Finally, we present a generic construction of a DAA protocol from new building blocks tailored for anonymous attestation. Some of them are new variations on established ideas and may be of independent interest. We give instantiations for these building blocks that yield a DAA scheme more efficient than the one currently deployed, and as efficient as the one about to be standardized by the TCG which has no valid security proof. © 2013 Springer-Verlag Berlin Heidelberg.

Journal Article Type Article
Acceptance Date Feb 23, 2013
Publication Date Jun 1, 2013
Publicly Available Date Jun 7, 2019
Journal International Journal of Information Security
Print ISSN 2356-5845
Electronic ISSN 2382-2619
Publisher N&N Global Technology
Peer Reviewed Peer Reviewed
Volume 12
Issue 3
Pages 219-249
DOI https://doi.org/10.1007/s10207-013-0191-z
Keywords DAA protocol, group signatures, security models
Public URL https://uwe-repository.worktribe.com/output/934678
Publisher URL http://dx.doi.org/10.1007/s10207-013-0191-z
Additional Information Additional Information : The final publication is available at Springer via http://dx.doi.org/10.1007/s10207-013-0191-z

Files






You might also like



Downloadable Citations