How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
Crowds: anonymity for Web transactions
ACM Transactions on Information and System Security (TISSEC)
Design and implementation of the idemix anonymous credential system
Proceedings of the 9th ACM conference on Computer and communications security
Efficient Group Signature Schemes for Large Groups (Extended Abstract)
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Proceedings of the 11th ACM conference on Computer and communications security
Group signatures: better efficiency and new theoretical aspects
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Anonymous connections and onion routing
IEEE Journal on Selected Areas in Communications
Formal methods for cryptographic protocol analysis: emerging issues and trends
IEEE Journal on Selected Areas in Communications
A New Direct Anonymous Attestation Scheme from Bilinear Maps
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
On Proofs of Security for DAA Schemes
ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
Trusted Computing: Security and Applications
Cryptologia
Anonymous authentication with TLS and DAA
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
A DAA scheme using batch proof and verification
TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
A DAA scheme requiring less TPM resources
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Implementation aspects of anonymous credential systems for mobile trusted platforms
CMS'11 Proceedings of the 12th IFIP TC 6/TC 11 international conference on Communications and multimedia security
Direct anonymous attestation: enhancing cloud service user privacy
OTM'11 Proceedings of the 2011th Confederated international conference on On the move to meaningful internet systems - Volume Part II
Trusted computing enhanced user authentication with OpenID and trustworthy user interface
International Journal of Internet Technology and Secured Transactions
A (corrected) DAA scheme using batch proof and verification
INTRUST'11 Proceedings of the Third international conference on Trusted Systems
Formal analysis of anonymity in ECC-Based direct anonymous attestation schemes
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Flexible and scalable digital signatures in TPM 2.0
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.00 |
The Direct Anonymous Attestation (DAA) scheme provides a means for remotely authenticating a trusted platform whilst preserving the user's privacy. The protocol has been adopted by the Trusted Computing Group (TCG) in the latest version of its Trusted Platform Module (TPM) specification. In this paper we show DAA places an unnecessarily large burden on the TPM host. We demonstrate how corrupt administrators can exploit this weakness to violate privacy. The paper provides a fix for the vulnerability. Further privacy issues concerning linkability are identified and a framework for their resolution is developed. In addition an optimisation to reduce the number of messages exchanged is proposed.