September 29, 2009

From Basic Research to Standards to Chips into Everyone’s Computer (DAA)

Posted in Publications tagged , at 17:02 by Thomas Groß

While there is a large body of cryptographic research, there are only a few cryptographic algorithms that are used in practice and indeed almost all cryptographic research results have no impact in practice. One exceptions is the so-called Direct Anonymous Attestation (DAA) protocol that the team has developed together with Intel and HP in the context of the Trusted Computing Group. That group was faced with the problem that the so-called Trusted Platform Module (TPM) that is embedded in many PCs needs to authenticate itself as a valid chip to third parties. This is because the chip monitoring the computer’s function is able to attest whether or not the OS is in a pristine state or full of viruses. Thus is a third party wants to know whether its communication partner is in a good state, it can ask that party’s TPM. Now, if one would use traditional non-private anonymous authentication for this, all transactions by our computers could be linked together. The Direct Anonymous Attestation protocol is basically a light-weight version of the identity mixer anonymous credential protocol adapted to the requirements of the Trusted Computing Group. All the chips produced according to the TPM V1.2 specification implement the protocol and are used on today’s PC.

    1. Ernest F. Brickell, Jan Camenisch, Liqun Chen: Direct anonymous attestation. ACM Conference on Computer and Communications Security 2004
    2. TCG TPM V1.2 specification
    3. Jan Camenisch: Better Privacy for Trusted Computing Platforms: (Extended Abstract). ESORICS 2004: 73-88
      %d bloggers like this: