CryptoDB
Enhanced Privacy ID: A Direct Anonymous Attestation Scheme with Enhanced Revocation Capabilities
Authors: |
- Ernie Brickell
- Jiangtao Li
|
Download: |
- URL: http://eprint.iacr.org/2007/194
- Search ePrint
- Search Google
|
Abstract: |
Direct Anonymous Attestation (DAA) is a scheme that enables the
remote authentication of a Trusted Platform Module (TPM) while
preserving the user's privacy. A TPM can prove to a remote party
that it is a valid TPM without revealing its identity and without
linkability. In the DAA scheme, a TPM can be revoked only if the DAA
private key in the hardware has been extracted and published widely
so that verifiers obtain the corrupted private key. If the
unlinkability requirement is relaxed, a TPM suspected of being
compromised can be revoked even if the private key is not known.
However, with the full unlinkability requirement intact, if a TPM
has been compromised but its private key has not been distributed to
verifiers, the TPM cannot be revoked. Furthermore, a TPM cannot be
revoked from the issuer, if the TPM is found to be compromised after
the DAA issuing has occurred. In this paper, we present a new DAA
scheme called Enhanced Privacy ID (EPID) scheme that addresses the
above limitations. While still providing unlinkability, our scheme
provides a method to revoke a TPM even if the TPM private key is
unknown. This expanded revocation property makes the scheme useful
for other applications such as for driver's license. Our EPID scheme
is efficient and provably secure in the same security model as DAA,
i.e. in the random oracle model under the strong RSA assumption and
the decisional Diffie-Hellman assumption. |
BibTeX
@misc{eprint-2007-13475,
title={Enhanced Privacy ID: A Direct Anonymous Attestation Scheme with Enhanced Revocation Capabilities},
booktitle={IACR Eprint archive},
keywords={cryptographic protocols / Anonymity, Privacy, Cryptographic Protocols, Trusted Computing},
url={http://eprint.iacr.org/2007/194},
note={A preliminary version of this paper will be presented at the 6th Workshop on Privacy in the Electronic Society (WPES), Alexandria, Virginia, October 2007 jiangtao.li@intel.com 13747 received 23 May 2007, last revised 22 Aug 2007},
author={Ernie Brickell and Jiangtao Li},
year=2007
}