Design and implementation of the idemix anonymous credential system
Proceedings of the 9th ACM conference on Computer and communications security
Proceedings of the 11th ACM conference on Computer and communications security
An integrated architecture for trusted computing for java enabled embedded devices
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Implementation Aspects of Mobile and Embedded Trusted Computing
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Anonymous credentials on a standard java card
Proceedings of the 16th ACM conference on Computer and communications security
Direct anonymous attestation (DAA): ensuring privacy with corrupt administrators
ESAS'07 Proceedings of the 4th European conference on Security and privacy in ad-hoc and sensor networks
Lightweight anonymous authentication with TLS and DAA for embedded mobile devices
ISC'10 Proceedings of the 13th international conference on Information security
Anonymous credentials for java enabled platforms: a performance evaluation
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Anonymous client authentication for transport layer security
CMS'10 Proceedings of the 11th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security
Practical privacy preserving cloud resource-payment for constrained clients
PETS'12 Proceedings of the 12th international conference on Privacy Enhancing Technologies
Hi-index | 0.00 |
Anonymity and privacy protection are very important issues for Trusted Computing enabled platforms. Protection mechanisms are required in order to hide activities of the trusted platforms when performing cryptography based transactions over the Internet, which would otherwise compromise the platform's privacy and with it the users's anonymity. In order to address this problem, the Trusted Computing Group (TCG) has introduced two concepts addressing the question how the anonymity of Trusted Platform Modules (TPMs) and their enclosing platforms can be protected. The most promising of these two concepts is the Direct Anonymous Attestation (DAA) scheme which eliminates the requirement of a remote authority but includes complex mathematical computations. Moreover, DAA requires a comprehensive infrastructure consisting of various components in order to allow anonymous signatures to be used in real-world scenarios. In this paper, we discuss the results of our analysis of an infrastructure for anonymous credential systems which is focused on the Direct Anonymous Attestation (DAA) scheme as specified by the TCG. For the analysis, we especially focus on mobile trusted platforms and their requirements. We discuss our experiences and experimental results when designing and implementing the infrastructure and give suggestions for improvements and propose concepts and models for - from our point of view - missing components.