September 29, 2009


Posted in Publications tagged at 17:19 by Thomas Groß

Based on the Identity Mixer technology, one industry standard has evolved: Direct Anonymous Attestation (DAA).

DAA allows a user to convince a verifier that she uses a platform that has embedded a certified hardware module. The protocol protects the user’s privacy: if she talks to the same verifier twice, the verifier is not able to tell whether or not he communicates with the same user as before or with a different one.

This scenario arose in the context of the Trusted Computing Group (TCG). TCG is an industry standardization body that aims to develop and promote an open industry standard for trusted computing hardware and software building blocks to enable more secure data storage, online business practices, and online commerce transactions while protecting privacy and individual rights.

We have worked with TCG and various privacy groups on the requirements of such a scheme and have developed an efficient protocol, called direct anonymous attestation protocol. The scenario is reminiscent of group signatures schemes. In fact, our protocol is based on the-state-of the art group signature scheme. However, a number of research questions had still to be solved for the protocol to be applied in practice. Direct anonymous attestation relies on the Decisional Diffie-Hellman assumption the user’s privacy and on the Strong RSA assumption for security. The protocol has been standardized in the TCG’s TPM version 1.2.

%d bloggers like this: