Professional Documents
Culture Documents
(DAA)
Liqun Chen
Trusted Systems Laboratory
Hewlett Packard Laboratories, Bristol
12 October 2005
• what is DAA?
• what is DAA for?
• why DAA?
• how does DAA work?
• what is DAA?
• what is DAA for?
• why DAA?
• how does DAA work?
• what is DAA?
• what is DAA for? – for TCG
• why DAA?
• how does DAA work?
ensure user’s
protect
user’s choice on use of
information security
mechanism
high security
&
low privacy
Processor Memory
AIK
an external partner
a user
AIK
an external partner
a user
• what is DAA?
• what is DAA for?
• why DAA?
• how does DAA work?
• our solution:
– direct anonymous attestation (DAA)
direct proof replaces the TTP
TPM
EK AIK #1
DAA AIK #2
TPM
EK AIK #1
DAA AIK #2
a DAA a DAA
signature of signature of
AIK #1 TPM AIK #2
EK AIK #1
DAA AIK #2
a DAA a DAA
signature of signature of
AIK #1 TPM AIK #2
EK AIK #1
DAA AIK #2
Wewe can’t
can’t tell
tell if if
AIK
Key #1 and Key#2
#1 and AIK
I know that AIK #1 #2came
camefrom
fromthe the I know that AIK #2
same
same TPM or
TPM or not.
not.
came from a TPM, came from a TPM,
but I don’t know but I don’t know
which one. which one.
a DAA a DAA
signature of signature of
AIK #1 TPM AIK #2
EK AIK #1
DAA AIK #2
Wewe can’t
can’t tell
tell if if
AIK
Key #1 and Key#2
#1 and AIK
I know that AIK #1 #2came
camefrom
fromthe the I know that AIK #2
same
same TPM or
TPM or not.
not.
came from a TPM, came from a TPM,
but I don’t know but I don’t know
which one. which one.
but
stock broker medical clinic
verifier
if the client behaves verifier
badly, I can stop him
to use my service
a DAA a DAA
signature of signature of
AIK #1 TPM AIK #2
EK AIK #1
DAA AIK #2
• what is DAA?
• what is DAA for?
• why DAA?
• how does DAA work?
R0 R S v A e = Z (mod n )
f0 f1
1
σ = (c, s)
verification signature
c ≡ H(gsy-c||msg) msg, r, t, c, s, σ
msg, r, t, c, s, σ
msg, r, t, c, s, σ
12/10/2005 Direct anonymous attestation – a signature scheme for TCG page 36
sign
msg, r, t, c, s, σ
12/10/2005 Direct anonymous attestation – a signature scheme for TCG page 37
sign
string} ~
rv , rv , rf , rf T~' = T g h g ' (mod n) 2 2
− re rew ree rer
1 2 0 1
if b = 0, N =ζ (mod Γ )
v
rf0 + rf1 2104
msg, r, t, c, s, σ
12/10/2005 Direct anonymous attestation – a signature scheme for TCG page 38
sign
string} rv , rv , rf , rf T~'commitment||
~
= T g h g ' (mod n )
2 2
− re rew ree rer
1 2 0 1
if b = 0, N t||n= ζ v||nt||msg}
(mod Γ )
v
rf0 + rf1 2104
msg, r, t, c, s, σ
12/10/2005 Direct anonymous attestation – a signature scheme for TCG page 39
sign
s}v =nr),v + cv
1 0 1 1
re , ree , rw , rcrT~,=r=ew
{PK , rg||ζ||
g h Ier ' (mod 2
rw re rr
string} rv , rv , rf , rf ~ T
~ commitment||
' = T g s
h eg =
' r
(mod
2e + nc) ( e2
− 2
− re367
) rew ree rer
1 2 0 1
if b = 0, N t||n= ζ v||nt||msg}
ee = r ee + ce
s(mod Γ)
v
2 rf0 + rf1 2104
are
and N
re , ree , rw , rr , rewHost nonce
, rcomputes v
if b = 1 er s = r + cew
chosen byewothers ew
m = other string are chosenverifier by Host r = r r + cr
& sTPM
s er = rer + cer
respectively
msg, r, t, c, s, σ
12/10/2005 Direct anonymous attestation – a signature scheme for TCG page 40
sign
s}v = nrv), + cv
1 0 1 1
re , ree , rw , rcrT~,=r=ew
{PK , rg||ζ||
g h Ier
σ = (ζ , commitment
rw re rr
' (mod
string}
2
, c, nt , s )
rv , rv , rf , rf ~ T
~ commitment||
' = T g s
h e g=' r
(mod
e 2
+ c
n )( e −
2
2 367
− re ) rew ree rer
if b = 1 re , ree , rw , rr , rare
ew
and N
, nonce
r er s = r s+ cew
v
,s ,s ,s )
Host computes
chosen byewothers ew w ew r er
m = other string are chosenverifier by Host &sTPMr = rr + cr
s er = rer + cer
respectively
msg, r, t, c, s, σ
12/10/2005 Direct anonymous attestation – a signature scheme for TCG page 41
verify
verify -
c ≡ H hk (PK I || ζ || T1 || T2 || N v || Tˆ1 || Tˆ2 || Tˆ ' 2 || Nˆ v || nt || nv || b || m )
N v ,ζ ∈R γ ζ = (H Γ (1 || bsn ))( Γ −1) / ρ (mod Γ )
s f0 , s f1 ∈ {0,1} 345 s e ∈ {0,1} 361
sensitivity
security
privacy
12/10/2005 Direct anonymous attestation – a signature scheme for TCG page 43
restricted link for a verifier
– named/random base in a DAA signature
sensitivity
security
privacy
combined base
sensitivity
security
privacy
combined base
N v = ζ f0 +f1 2 (mod Γ )
104
ζ = (H(1||bsn))(Γ-1)/ρ (mod Γ)
DAA -
§ is a signature scheme
§ offers a zero knowledge proof of a key certificate
§ provides a variety of balances between security and
privacy by choosing
• random base – for privacy sensitive cases
• named base – for non privacy-sensitive cases
• combinations
§ has a security proof in the random oracle model based on:
• the strong RSA assumption
• the DDH assumption
• TCG initiatives:
http://www.trustedcomputing.org