Proceedings of the 11th ACM conference on Computer and communications security
Trusted Computing: Providing Security for Peer-to-Peer Networks
P2P '05 Proceedings of the Fifth IEEE International Conference on Peer-to-Peer Computing
Ninja: non identity based, privacy preserving authentication for ubiquitous environments
UbiComp '07 Proceedings of the 9th international conference on Ubiquitous computing
A DAA scheme using batch proof and verification
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
A DAA scheme requiring less TPM resources
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Trust extension as a mechanism for secure code execution on commodity computers
Trust extension as a mechanism for secure code execution on commodity computers
Direct anonymous attestation: enhancing cloud service user privacy
OTM'11 Proceedings of the 2011th Confederated international conference on On the move to meaningful internet systems - Volume Part II
Trusted computing enhanced user authentication with OpenID and trustworthy user interface
International Journal of Internet Technology and Secured Transactions
A (corrected) DAA scheme using batch proof and verification
INTRUST'11 Proceedings of the Third international conference on Trusted Systems
DAA protocol analysis and verification
INTRUST'11 Proceedings of the Third international conference on Trusted Systems
Attacking and fixing Helios: An analysis of ballot secrecy
Journal of Computer Security
Hi-index | 0.02 |
A possible privacy flaw in the TCG implementation of the Direct Anonymous Attestation (DAA) protocol has recently been discovered by Rudolph. This flaw allows a DAA Issuer to covertly include identifying information within DAA Certificates, enabling a colluding DAA Issuer and one or more verifiers to link and uniquely identify users, compromising user privacy and thereby invalidating the key feature provided by DAA . In this paper we argue that, in typical usage scenarios, the weakness identified by Rudolph is not likely to lead to a feasible attack; specifically we argue that the attack is only likely to be feasible if honest DAA signers and verifiers never check the behaviour of issuers. We also suggest possible ways of avoiding the threat posed by Rudolph's observation.