On a Possible Privacy Flaw in Direct Anonymous Attestation (DAA)
نویسندگان
چکیده
A possible privacy flaw in the TCG implementation of the Direct Anonymous Attestation (DAA) protocol has recently been discovered by Rudolph. This flaw allows a DAA Issuer to covertly include identifying information within DAA Certificates, enabling a colluding DAA Issuer and one or more verifiers to link and uniquely identify users, compromising user privacy and thereby invalidating the key feature provided by DAA. In this paper we argue that, in typical usage scenarios, the weakness identified by Rudolph is not likely to lead to a feasible attack; specifically we argue that the attack is only likely to be feasible if honest DAA signers and verifiers never check the behaviour of issuers. We also suggest possible ways of avoiding the threat posed by Rudolph’s observation.
منابع مشابه
Direct Anonymous Attestation (DAA): Ensuring Privacy with Corrupt Administrators
The Direct Anonymous Attestation (DAA) scheme provides a means for remotely authenticating a trusted platform whilst preserving the user’s privacy. The protocol has been adopted by the Trusted Computing Group (TCG) in the latest version of its Trusted Platform Module (TPM) specification. In this paper we show DAA places an unnecessarily large burden on the TPM host. We demonstrate how corrupt a...
متن کاملCovert Identity Information in Direct Anonymous Attestation (DAA)
Direct anonymous attestation (DAA) is a practical and efficient protocol for authenticated attestation with satisfaction of strong privacy requirements. This recently developed protocol is already adopted by the Trusted Computing Group and included in the standardized trusted platform module TPM. This paper shows that the main privacy goal of DAA can be violated by the inclusion of covert ident...
متن کاملA Forward Secure Direct Anonymous Attestation Scheme
Direct Anonymous Attestation (DAA) is a cryptographic mechanism that enables remote authentication of a Trusted Platform Module (TPM) while preserving its privacy. In this paper, we propose a new DAA scheme based on the strong RSA assumption and the decisional Diffie-Hellman assumption. While satisfying all the security properties proposed in previous DAA schemes, our scheme provides a new desi...
متن کاملEfficient Signatures of Knowledge and DAA in the Standard Model
Direct Anonymous Attestation (DAA) is one of the most complex cryptographic protocols deployed in practice. It allows an embedded secure processor known as a Trusted Platform Module (TPM) to attest to the configuration of its host computer without violating the owner’s privacy. DAA has been standardized by the Trusted Computing Group. The security of the DAA standard and all existing schemes is...
متن کاملDirect Anonymous Attestation for Next Generation TPM
Trusted computing platforms have been proposed as a promising approach to enhance the security of general-purpose computing systems. Direct Anonymous Attestation(DAA) is a scheme that allows a Trusted Platform Module (TPM) which is the core component of the trusted computing platform to remotely convince a communication partner that it is indeed a Trusted Platform Module while preserving the us...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2008